Insider cyber threats – recognising the risk
Guarding against threats from within your business can be the hardest challenge in keeping systems safe and secure.
Robust cyber security presents a unique challenge for organisations in today’s marketplace. It is a challenge which requires enterprise-level resilience and an appreciation that people, processes and technology form a complex, interdependent eco-system which needs to be reflected in an organisation’s risk profiling and planning.
Managing external cyber threats to your business remains key. This often requires dynamic controls to monitor, detect and repair network and application vulnerabilities in real-time. Organisations should also remember to share cyber experiences with peers and law enforcement, whilst contextualising intelligence to determine not just the severity of potential external threats but also the likelihood of being specifically targeted.
However, recognising that threats come from within, as well as from outside, is equally vital. Guarding against such threats from within presents arguably the hardest component of the challenge to keeping your organisation’s systems safe and secure.
Such “insiders” can come in various guises. They may for example be malicious, or they may be entirely innocent and unwitting:
- Malicious insiders often have the advantage of legitimate access and user permissions. As such, they may be able to gain access to significant amounts of your organisation’s confidential and commercially sensitive data quite properly, even though they may be planning to misuse it.
- With innocent insiders however, it is important to recognise that carelessness on the part of individuals within your organisation can make it just as easy for external threats to penetrate successfully and to wreak their effects.
Training on the correct use of IT, security, passwords, “2FA” (two-factor authentication), as well as being alert to spoofing and phishing attempts for log-in data, are all vital counter-measures.
It is also essential to ensure thorough vetting and auditing of those individuals who require access to critical controls and key assets.
A particular blind-spot to mitigating the insider risk is attitude awareness. Time and again organisations overlook that the attitudes and culture within their businesses can drive the behaviour of their employees. Therefore, simple monitoring of your network activity to identify prominent rogue elements is not enough on its own. It is important to look at the culture and mind-set of your business and the attitudes of your organisation’s employees. Employee vigilance should be encouraged so that rogue elements not only stand out, but are much more regularly called out, which will in turn enable concerns to be flagged and investigated early.
Ultimately, effective cyber resilience doesn’t happen overnight. It requires fundamental shifts in culture and mind-set, achieved by committing to and investing in security, preparedness, staff engagement and education, peer-group collaboration and workplace community.
If you’re looking at ways to ensure your business is ready and prepared in the event of a cyber-attack, get in touch today to discuss our 360º approach to cyber resilience, CyXcel.