Insider threats

Insiders and third-party collaborators account for more than four out of 10 cyber-security incidents, a new report from Aite Group shows.

Insider threats revolve around intellectual property theft, IT sabotage, fraud and accidents resulting from human error.

Insiders and their third-party collaborators make up 44% of cyber-security incidents.

The biggest threat to a company’s cyber-security is outsiders (56%), but malicious insiders (17%) and inadvertent actors (5%) could result in the most damage, according to IBM research.

71% of incidents in the financial services sector were fraud cases, according to the CERT Division’s Insider Threat Center’s database for Management and Education of the Risk of Insider Threat. These cases primarily involved current (79%) and former employees (17%).

Of 191 cases in the financial services sector, 48% led to a loss of more than $100,000, and 18% led to a loss of more than $1 million, according to the CERT Division’s Insider Threat Center’s database for Management and Education of the Risk of Insider Threat.

49% of 191 incidents studied were detected by nontechnical means (such as a co-worker or client complaint), followed by an audit (41%), system failure (4%), information system (4%) and software (3%).

In an analysis of 551 cases by Advisen, the biggest sources of losses were servers (31%), printed records (17%), email (14%), laptops (12%), websites (9%), portable data storage devices (7%), desktops (4%) and telephones (3%).

Insurance event data offers cyber-security insights to help prioritize initiatives and budgets. In an analysis of 707 cases, 70% were for loss or theft from a digital data breach, according to research from Advisen.

Insight into a company’s business, used to understand asset and confidential-information priorities and to identify and prioritize known threats, must balance security with the business’s performance.

A layered approach to protection involves written policies and procedures, people screening and training, technological controls, process controls, employee assistance programs, company culture and law enforcement.

Insider protection lapses occur because of a lack of policy and procedure adherence. Upshot: Companies need to follow policies and procedures.

Information security training—keeping employees informed about the risks and elements of social engineering—is an ongoing task as cyber-security evolves rapidly.