17 พ.ค. 2017, 10:42 — ใช้เวลาอ่าน 5 นาที
The recent wave of ransomware attacks across Asia and the world has once again turned the spotlight on security in the cyber world. Despite an organisation’s best efforts, ‘insider threats’ can compromise the security of a firm and its data. In the current scenario, it is beneficial for firms to have an understanding of the nature of these ‘insider threats’.
Data leaks, data theft, hacking, data corruption; all are examples of insider threats triggered by technology. By and large, increasing technological capabilities have been described as a source of insider threat. Remote working, internal network access and BYOD are some examples of the disruptive technologies detrimental to an organisation’s information security. However, insider threat is more about people, policies and planning than technology, according to an RSA Conference.
Most physical and technological attacks can be assisted or conducted by an insider, but certain attacks can only be conducted by insiders - release of proprietary information, or the sabotage of assets accessible by employees. It is this human element, the organisation’s greatest asset and risk, that can cause the most damage. A malicious insider with authorised credentials can orchestrate an unauthorised act and steal copious amounts of information. More often than not, insider threats occur at three stages: pre-employment, during current employment and post-employment. For the most part, employees do not join an organisation with the intention of harm; moreover, there exist stringent screening procedures that deter the entry of malicious employees. Nevertheless, people change with circumstances - recession, job dissatisfaction, revenge (disgruntled employees) and greed (feeding information to a competitor).
According to CERT: Common Sense Guide to Prevention and Detection of Insider Threats, 65% of all IT sabotage attacks are non-technical and 84% of all attacks for financial gain were also non-technical. The non-technical nature of attacks demonstrates the pivotal role that a human element plays in unethical data transfer.
Insider threats can be caused consciously or unconsciously. There exist several different types of insider threat actors representing crucial challenges to organisations:-
IT fraud can be committed by anyone within an organisation, and not always with malicious intent. Additionally, an insider threat is not only limited to employees but also to contractors (third-parties), business partners and clients. Within many legal frameworks, organisations may be at risk of loss due to data breach by any business entity associated with the organisation. The information flow among business entities is immense and vulnerable; scores of direct and indirect threats can potentially destroy an organisation's standing. Bad actors may use blackmail, coercion or offer money to persuade employees and other insiders to share top organisational secrets. Although the anatomy of these threat actors is different, they can be equally damaging.
To explore business opportunities, link with me by clicking on the 'Invite' button on my eBiz Card.
Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the views, official policy or position of GlobalLinker.
Prateek Srivastava, a post-graduate from Middlesex University is a Business intelligence specialist skilled in accessing the latest methods of pre-investment investigations....
Most read this week