An insider threat, intentional or accidental, cost businesses millions of dollars to repair — find out what insider threats are and how your business can mitigate them

Outside forces are always looking to breach a company’s firewalls and steal data. Businesses spend enormous sums of money protecting their information systems from being breached by outsiders. But what about a threat from inside the company? Insider threats can be as dangerous and costly as being hacked from an outside source.

So how does a company reduce the risk of an insider threat? This article will explore what an insider threat is, the types of insider threats and how your business can prevent them.

Outside forces are always looking to breach a company’s firewalls and steal data. Businesses spend enormous sums of money protecting their information systems from being breached by outsiders. But what about a threat from inside the company? Insider threats can be as dangerous and costly as being hacked from an outside source.

So how does a company reduce the risk of an insider threat? This article will explore what an insider threat is, the types of insider threats and how your business can prevent them.

What Is an Insider Threat?

An insider threat is a serious security issue inside an organization. Whether intentional or not, they are threatening a business’s security, information or money. Most insider threat issues come from unintentional sources, such as an employee uploading sensitive data for personal use.

However, there could always be an intentional insider threat wanting to cause damage. Intentional or not, insider threats cost businesses globally an average of $11.5 million in 2020, a 31% increase since 2018.

What Is an Insider Threat?

An insider threat is a serious security issue inside an organization. Whether intentional or not, they are threatening a business’s security, information or money. Most insider threat issues come from unintentional sources, such as an employee uploading sensitive data for personal use.

However, there could always be an intentional insider threat wanting to cause damage. Intentional or not, insider threats cost businesses globally an average of $11.5 million in 2020, a 31% increase since 2018.

Types of Insider Threats

There are three primary types of insider threats:

  1. A careless employee or contractor
  2. A credential thief or employee impersonator
  3. A malicious or unscrupulous employee

Negligence is the cause of 62% of the insider threats in the 2020 Poneman Institute study. Two of the most common passwords used today are “password” and “123456.”

Another study, the annual Verizon Data Breach Investigations Report, reported 85% of data thefts included a human element and 61% involved stolen or misused credentials.

Types of Insider Threats

There are three primary types of insider threats:

  1. A careless employee or contractor
  2. A credential thief or employee impersonator
  3. A malicious or unscrupulous employee

Negligence is the cause of 62% of the insider threats in the 2020 Poneman Institute study. Two of the most common passwords used today are “password” and “123456.”

Another study, the annual Verizon Data Breach Investigations Report, reported 85% of data thefts included a human element and 61% involved stolen or misused credentials.

How To Prevent Insider Threats

Total prevention of insider threats is unlikely. However, there are several ways companies can decrease the severity, cost and
frequency of insider threats causing damage.

Least Level Access

Ash Devata, General Manager of Cisco Zero Trust and Duo Security, says having the framework to provide “least-level” access is a good start to reducing the risk of insider threats. Least-level access is the core idea of some of the best zero-trust networks and it is gaining popularity in cybersecurity.

Some companies grant employees too much access, mainly for convenience. For example, companies give the same access to all new-hire employees, basically copying their access permissions. Then when employees are moved or promoted, they are “copied” a new set of permissions for their new role. The process of copying security access keeps repeating itself. These careless acts give the new employees far too much security access.

Promotions, transfers, and new hires happen all the time in business. However, organizations must be careful with transferring credentials. They are at risk when security access changes are shortcutted, copied or not changed at all.

Least Level Access

Ash Devata, General Manager of Cisco Zero Trust and Duo Security, says having the framework to provide “least-level” access is a good start to reducing the risk of insider threats. Least-level access is the core idea of some of the best zero-trust networks and it is gaining popularity in cybersecurity.

Some companies grant employees too much access, mainly for convenience. For example, companies give the same access to all new-hire employees, basically copying their access permissions. Then when employees are moved or promoted, they are “copied” a new set of permissions for their new role. The process of copying security access keeps repeating itself. These careless acts give the new employees far too much security access.

Promotions, transfers, and new hires happen all the time in business. However, organizations must be careful with transferring credentials. They are at risk when security access changes are shortcutted, copied or not changed at all.

Active Monitoring

Active monitoring is another practice that can help prevent insider threats. However, you must consider employee privacy concerns, how to manage false positives, and guidelines on what you are monitoring.

This tactic will require deciding what information to block and allow. That raises questions if you are inhibiting the workflow process. Some departments, such as sales and human resources, need to communicate directly with customers. Blocking text and emails from those departments could cost your business time and money.

Active Monitoring

Active monitoring is another practice that can help prevent insider threats. However, you must consider employee privacy concerns, how to manage false positives, and guidelines on what you are monitoring.

This tactic will require deciding what information to block and allow. That raises questions if you are inhibiting the workflow process. Some departments, such as sales and human resources, need to communicate directly with customers. Blocking text and emails from those departments could cost your business time and money.

Better Communication Across Departments

Insider threats come from a mixture of human and technical problems. Businesses must manage an insider threat issue across many company departments to minimize risk. The best tactic to reduce insider threats is open communication between human resources and the cybersecurity team.

Consider assembling an insider threat team composed of employees from multiple departments. Form a team with a few human resources, executive management and IT personnel employees. Then assemble a set of guidelines on how to combat insider threats.

Better Communication Across Departments

Insider threats come from a mixture of human and technical problems. Businesses must manage an insider threat issue across many company departments to minimize risk. The best tactic to reduce insider threats is open communication between human resources and the cybersecurity team.

Consider assembling an insider threat team composed of employees from multiple departments. Form a team with a few human resources, executive management and IT personnel employees. Then assemble a set of guidelines on how to combat insider threats.

Final Thoughts

Insider threats and attacks on businesses cost time, money and resources to repair. Prevention is the primary goal for reducing insider threats. Educate employees on the importance of choosing a good password and not taking shortcuts like copying security clearances. These practices will also go a long way to preventing insider threats.

There is no surefire way to prevent all insider threats. A company’s best bet is to use a combination of technical and human aspects to mitigate the frequency and prevent them from happening.

Final Thoughts

Insider threats and attacks on businesses cost time, money and resources to repair. Prevention is the primary goal for reducing insider threats. Educate employees on the importance of choosing a good password and not taking shortcuts like copying security clearances. These practices will also go a long way to preventing insider threats.

There is no surefire way to prevent all insider threats. A company’s best bet is to use a combination of technical and human aspects to mitigate the frequency and prevent them from happening.

Share This Story, Choose Your Platform!

Let’s have a 15-minute video call

We are now taking on new clients.