Statistics about insider threats have a way of shattering our rosy-colored glasses about employee loyalty. A whopping 94% of organizations experienced an insider breach in the last 12 months. Of those, human error caused the vast majority of breaches (84%). But fully 66% of those that weren’t caused by error originated from a malicious leak. That’s especially concerning since only 28% of IT pros reported being most concerned about “intentionally malicious behavior” as the type of behavior to cause an insider breach. And somewhat surprisingly, 23% of employees surveyed think it’s perfectly within their rights to take company data with them to a new job.
A high-profile case last year showed just how dramatic the consequences of stolen data can be. Two former GE employees came out with prison time and a 1.4 million fine for starting a company based on trade secrets. Guess where those came from? They stealthily downloaded them at work.
True, it’s a dramatic example. Most insider breaches aren’t on such a large scale. But as IT leadership, we hope for the best, but prepare for the worst.
The first step is knowing who poses a threat. To be an insider threat, your users need either internal or remote access to bypass the system’s firewall or other network defense. These insiders can be business partners, contractors, vendors, or naturally, employees. They can even be people outside the company who somehow gain access to the premises. Anyone who has access to the network from inside can sabotage your security, misconfigure the system to allow data leaks, or commit IP theft or fraud.
Common devices can also pose a threat when in the wrong hands. For example, most systems don’t detect USB sticks or Bluetooth transmitters on insertion. This illustrates an important point: there is no one security solution that protects from every type of insider threat. And a second: insider threats are difficult to prevent without first knowing how to recognize motivations or patterns of potential attackers.
From The Shadows Emerges Knowledge