Of course, your employees are diligent, security conscious and loyal. But the real world tells a different story. A grand total of 94% of organizations had an insider data breach in the past year, with 84% of the data breaches resulting from human error. And while 66% of data breaches resulted from a malicious leak, the same study mentions that only 28% of IT leaders list intentionally malicious behavior as the type of insider breach that most concerns them. Perhaps most hair-raising of all, 23% of respondents to an employee poll believe they are entitled to take data with them to a new company.
On the last point, one high-profile case illustrated the potential consequences of this behavior: two General Electric employees started a competing company based on trade secrets that they downloaded at work. These two former GE employees ended up with a prison sentence and a $1.4 million fine a searing reminder that employees do not have the right to take company data to another company.
While most insider data breaches arent quite as malicious or blatant, its important to prepare for the worst-case scenario.
An insider threat typically refers to potential attacks from users with internal or remote access inside the systems firewall or other network perimeter defenses. These threat actors can include employees, contractors, third-party vendors and even business partners. In other words, anyone with network access. Potential results include fraud, theft of intellectual property (IP), sabotage of security measures or misconfigurations to allow data leaks.
Of course, not all insider threats come from actual insiders. Its not hard to imagine instances where, for example, an external party gains access to the physical premises and connects to the network directly, deploying a router in a discreet location for future remote access. This example raises the importance of on-premises security and early detection whenever unapproved devices are added to the network.
A few common examples, like memory sticks or Bluetooth transmitters, can also often pass under the radar. Does your system detect these on insertion? Probably not. This is important because it emphasizes a few key points:
How do we pin down and anticipate the possible motivations of potential insider threats? For the most part, the type of insider threat actor that applies to your company will depend on your industry, company size, and the scope of your IT infrastructure. Lets look at a few of the most common drivers:
1. Human error: Most companies deal with human error, where the actor has no malicious intent. They may not be aware that their actions compromise security (especially if their role doesnt involve technical know-how), or they may just be careless.
2. Lack of clarity about responsibility for securing data: As many IT pros can attest, some users need more help than others to take security seriously. Senior executives are infamously cavalier in their attitude to security, believing IT procedures dont apply to them. Theyre focused on the Big Picture. (Insert audible sigh.) Suffice to say, its critical for all employees to take responsibility and ownership of security. Execs especially must lead by example when it comes to security awareness.
3. Malicious intent: Malicious insiders, however, are another story. Their goals are often very simple: to sell the data they acquire or profit (in conjunction with an external party) from reconfiguring security assets for remote access. Disgruntled employees, like those who failed to get that pay raise, promotion, or due recognition (ever had a manager claim credit for your work?) are all potential threats. Human nature being what it is, an employee could also simply harbor a grudge for who knows what reason and deliberately disrupt operations to get back at the company or the individual responsible for IT security.
Organizations in sensitive sectors such as intelligence, defense, and critical infrastructure face additional insider threats. Employees may, in fact, be spies for a rival organization or perhaps existing employees are blackmailed into acting in the interests of a rival. Edward Snowden, despite being a whistleblower guided by his conscience, did harvest data as an insider, changing cybersecurity objectives worldwide as a direct result. Can your company protect itself against a similar threat?
Lets consider a few other risk factors that can make organizations vulnerable to insider threats:
1. Level of access: Your IT administrators have the highest-level network credentials, allowing them full control. Lets assume one of them is feeling undervalued and is planning to leave the company. Rather than just leave, the administrator installs several copies of Microsoft Office, knowing that they will be unlicensed. A mysterious whistleblower then informs an organization such as BSA | The Software Alliance and receives a percentage of the hefty penalty awarded for licensing infringement. For smaller companies, this insider threat could well lead to bankruptcy.
2. CCTV: If youre a healthcare provider and install CCTV cameras facing computer screens where patients medical records are displayed, you are violating HIPAA (in the U.S.) and other data privacy laws for healthcare records in other countries. Its a possible insider threat and carries the usual high penalties that compensate a government department (and not, unfortunately, the victims).
3. Social engineering: Members of your team are regulars at a few local coffee shops, restaurants, or bars. One day, as part of a promotion, memory sticks are given to all customers at a place your staff is known to frequent. Congratulations, all who accept the promo are now proud owners of a malware variant that allows the hacker remote access to the system when inserted into the USB port. The memory sticks were donated by a friendly neighborhood hacker as part of a fake company promotion, with the plan of targeting your company, a large local employer. How many of your employees will use these memory sticks at work?
4. Remote work: As remote work becomes more and more prevalent, theres a rising spat of insider threats originating outside the network infrastructure. First, because being outside the network infrastructure makes it easier for hackers to gain access unless the same security tools are installed on all devices used for work on- and off-premises. The trend of bring your own device (BYOD) only complicates the task for IT pros, especially if these devices are lost or stolen. Is a remote wipe possible on all devices? Also, how can you ensure that anyone who has access to a remote machine doesnt manually copy or take pictures of sensitive information? All photos of text documents are fair game to hackers and just as valuable as the files themselves.
Yes, identifying insider threat personas is a difficult task. But the consequences of failing to do so are great. Data loss or security breaches cost money. Any service outages cost money as well. Then you have reputational damage to consider. Finally, legislative penalties are often substantial under a variety of industry standards and data privacy laws. So, whether its a sales executive accidentally emailing wholesale pricing to a retail client or a malicious insider selling trade secrets on the dark web, the company pays a price.
In cases where insiders work with external actors, is the on-premises security posture robust enough to prevent stranger access or dumpster diving where the insider has placed IP documentation for later collection? Finally, in a business environment where insider threats are obviously on the rise, what security measures can prevent attacks without negatively affecting employee productivity and morale? Now that is the real conundrum.
Visit link:
Data security in the age of insider threats: A primer - Help Net Security
- New York Times pushes clemency for Edward Snowden. Justified? (+video) [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- Napolitano Says No Clemency for Edward Snowden [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- Hero Edward Snowden? [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- What to do about Snowden: The NY Times gets it right [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- Snowden 'an aberration': Booz Allen CEO [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- Edward Snowden - Wikipedia, the free encyclopedia [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- Will Obama Help Edward Snowden? - Video [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- 2 Newspapers Call For Clemency For Edward Snowden - Video [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- Editorials Argue Why Edward Snowden Should Get Clemency - Video [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- EDWARD Snowden - IS HE A HERO OR A TRAITOR??? - Video [Last Updated On: January 5th, 2014] [Originally Added On: January 5th, 2014]
- Snowden seeks extra Russian protection after U.S. threats [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- Edward Snowden denies that he's a Russian spy [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- Snowden Denies Working as Foreign Spy, New Yorker Reports [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- Glenn Greenwald I Defend Edward Snowden Like MSNBC Defends Obama "24 Hours A Day" - Video [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- Former CIA insider on Sochi Olympics security, Edward Snowden - Video [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- Airdate : January 4, 2014 : Clemency for Edward Snowden - Video [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- #10 Edward Snowden a Hoax?? Rockefeller: Human Cloning in Film Documentary Series Jan 20 2014 - Video [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- Double Standards - Edward Snowden: Traitor or hero - Video [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- Edward Snowden NSA Spying HOAX BUSTED fraud Jan 19 2014 Rockefeller net Ron Rand Paul Breaking News - Video [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- Philip and Edward Snowden. - Video [Last Updated On: January 22nd, 2014] [Originally Added On: January 22nd, 2014]
- Did Snowden Act Alone? - Video [Last Updated On: January 23rd, 2014] [Originally Added On: January 23rd, 2014]
- Edward Snowden Denies Russian Spy Theory - Video [Last Updated On: January 23rd, 2014] [Originally Added On: January 23rd, 2014]
- Coastal Today Show, January 20 - 26, 2014 | Full Episode - Video [Last Updated On: January 23rd, 2014] [Originally Added On: January 23rd, 2014]
- BREAKING! Edward Snowden LIVE in New York Snowed-in Snowden Blizzard Snow Storm - Video [Last Updated On: January 23rd, 2014] [Originally Added On: January 23rd, 2014]
- New York Times editorial defends Edward Snowden - Video [Last Updated On: January 23rd, 2014] [Originally Added On: January 23rd, 2014]
- The People's Republic of Edward Snowden - Video [Last Updated On: January 23rd, 2014] [Originally Added On: January 23rd, 2014]
- Snowden says mass collection must end [Last Updated On: January 24th, 2014] [Originally Added On: January 24th, 2014]
- Russian lawmaker says Snowden asylum period to be extended [Last Updated On: January 24th, 2014] [Originally Added On: January 24th, 2014]
- Snowden Says Whistle-Blower Law Gaps Preclude His Return [Last Updated On: January 24th, 2014] [Originally Added On: January 24th, 2014]
- Edward Snowden Denies 'Stealing' NSA Co-Workers' Passwords [Last Updated On: January 24th, 2014] [Originally Added On: January 24th, 2014]
- Edward Snowden's Asylum in Russia Extended [Last Updated On: January 24th, 2014] [Originally Added On: January 24th, 2014]
- Edward Snowden: 'Not Possible' to Return to U.S. Now [Last Updated On: January 24th, 2014] [Originally Added On: January 24th, 2014]
- What Do We Know About Edward Snowden? Webster G. Tarpley - Video [Last Updated On: January 24th, 2014] [Originally Added On: January 24th, 2014]
- On Edward Snowden, Privacy, NSA, and Accountability - Quick Thought #632 - Video [Last Updated On: January 24th, 2014] [Originally Added On: January 24th, 2014]
- Edward Snowden is a SPY? How do you kill a spy? - Video [Last Updated On: January 24th, 2014] [Originally Added On: January 24th, 2014]
- Scooter and Snowden [Last Updated On: January 26th, 2014] [Originally Added On: January 26th, 2014]
- Edward Snowden: Did the American whistleblower act alone? [Last Updated On: January 26th, 2014] [Originally Added On: January 26th, 2014]
- Snowden Says Whistle-Blower Law Gaps Preclude Return [Last Updated On: January 26th, 2014] [Originally Added On: January 26th, 2014]
- Hükümete protesto, Snowden'e destek - Video [Last Updated On: January 26th, 2014] [Originally Added On: January 26th, 2014]
- Edward Snowden NSA leaker asks for extra security after receiving death threats from US officials !! - Video [Last Updated On: January 26th, 2014] [Originally Added On: January 26th, 2014]
- Snowden says officials want to kill him [Last Updated On: January 27th, 2014] [Originally Added On: January 27th, 2014]
- edward_snowden_portrait_twitter_reuters.JPG [Last Updated On: January 27th, 2014] [Originally Added On: January 27th, 2014]
- Edward Snowden: There Are 'Significant Threats' To My Life [Last Updated On: January 27th, 2014] [Originally Added On: January 27th, 2014]
- Snowden Says ‘No Doubt’ NSA Engages in Industrial Spying [Last Updated On: January 27th, 2014] [Originally Added On: January 27th, 2014]
- Edward Snowden Biography - Facts, Birthday, Life Story ... [Last Updated On: January 27th, 2014] [Originally Added On: January 27th, 2014]
- Alex Jones Show Friday 1 24 14 Piers Corbin - Video [Last Updated On: January 27th, 2014] [Originally Added On: January 27th, 2014]
- The People's Republic of Edward Snowden part 2 - Video [Last Updated On: January 27th, 2014] [Originally Added On: January 27th, 2014]
- Snowden interview turns up few key revelations [Last Updated On: January 28th, 2014] [Originally Added On: January 28th, 2014]
- edward-snowden-reuters-120313.JPG [Last Updated On: January 28th, 2014] [Originally Added On: January 28th, 2014]
- Edward Snowden - Video [Last Updated On: January 28th, 2014] [Originally Added On: January 28th, 2014]
- German Television To Air NEW Edward Snowden Interview TONIGHT - Video [Last Updated On: January 28th, 2014] [Originally Added On: January 28th, 2014]
- Edward Snowden is nominated for the 2014 Nobel Peace Prize [Last Updated On: January 30th, 2014] [Originally Added On: January 30th, 2014]
- Snowden Nominated by Norwegian Lawmakers for Nobel Peace Prize [Last Updated On: January 30th, 2014] [Originally Added On: January 30th, 2014]
- Snowden nominated for Nobel Prize [Last Updated On: January 30th, 2014] [Originally Added On: January 30th, 2014]
- Snowden Gets Nobel Peace Prize Nomination From Norwegian MP - Video [Last Updated On: January 30th, 2014] [Originally Added On: January 30th, 2014]
- BREAKING: Edward Snowden Nomination For Nobel Peace Prize! - Video [Last Updated On: January 30th, 2014] [Originally Added On: January 30th, 2014]
- Edward Snowden's Psychic Human ETs - Video [Last Updated On: January 30th, 2014] [Originally Added On: January 30th, 2014]
- Report puts Snowden-like leaks as No. 2 threat to US security [Last Updated On: January 31st, 2014] [Originally Added On: January 31st, 2014]
- Why Silicon Valley sticks up for Snowden [Last Updated On: January 31st, 2014] [Originally Added On: January 31st, 2014]
- Snowden nominated for Peace Prize [Last Updated On: January 31st, 2014] [Originally Added On: January 31st, 2014]
- Edward Snowden Nominated For Nobel Peace Prize - Video [Last Updated On: January 31st, 2014] [Originally Added On: January 31st, 2014]
- UK spy chief to step down: GCHQ boss Iain Lobban leaves in wake of Edward Snowden NSA leaks - Video [Last Updated On: January 31st, 2014] [Originally Added On: January 31st, 2014]
- Is Edward Snowden Behind Target Hacking? - Video [Last Updated On: January 31st, 2014] [Originally Added On: January 31st, 2014]
- Snowden: NSA Mining App Data to Track Targets - Video [Last Updated On: January 31st, 2014] [Originally Added On: January 31st, 2014]
- Snowden nominated for Nobel Peace Prize [Last Updated On: February 1st, 2014] [Originally Added On: February 1st, 2014]
- [CCTV FOOTAGE]Edward Snowden Gunshot January 31, 2014 - Video [Last Updated On: February 1st, 2014] [Originally Added On: February 1st, 2014]
- Obama administration nominates new NSA director - Video [Last Updated On: February 1st, 2014] [Originally Added On: February 1st, 2014]
- Edward Snowden nominated for Nobel Peace Prize: NSA whistleblower has exposed US spying - Video [Last Updated On: February 1st, 2014] [Originally Added On: February 1st, 2014]
- Edward Snowden's Norwegian Nobel nomination called into question - Video [Last Updated On: February 1st, 2014] [Originally Added On: February 1st, 2014]
- Edward Snowden the Peace Prize Winner? - Video [Last Updated On: February 1st, 2014] [Originally Added On: February 1st, 2014]
- Edward Snowden, a Party to Subverting Nations in Latin America [Last Updated On: February 3rd, 2014] [Originally Added On: February 3rd, 2014]
- Edward Snowden: World's most wanted man [Last Updated On: February 3rd, 2014] [Originally Added On: February 3rd, 2014]
- Politicians attack Great Barrier Reef, Edward Snowden and TV Reporter - TFU Friday - Video [Last Updated On: February 3rd, 2014] [Originally Added On: February 3rd, 2014]
- WikiLeaks, Greenwald Blast Guardian Journalist’s Book On ‘FSB Prisoner’ Snowden [Last Updated On: February 4th, 2014] [Originally Added On: February 4th, 2014]
- Killing Edward Snowden on Occupy The Microphone - Video [Last Updated On: February 4th, 2014] [Originally Added On: February 4th, 2014]
- Edward Snowden January 25, 2014 Interview Links - Video [Last Updated On: February 4th, 2014] [Originally Added On: February 4th, 2014]
- Edward Snowden Documents reveal Canadian Spies Exist! - Video [Last Updated On: February 4th, 2014] [Originally Added On: February 4th, 2014]
- 20140203 - Barking at the moon - Video [Last Updated On: February 5th, 2014] [Originally Added On: February 5th, 2014]
- Snowden aftermath: Defense contractors revamp policies, practices [Last Updated On: February 5th, 2014] [Originally Added On: February 5th, 2014]
- Booz Allen Exec Describes How Snowden Stole Millions of Documents [Last Updated On: February 5th, 2014] [Originally Added On: February 5th, 2014]