What’s an insider threat? For many people, the first thing that comes to mind is the malicious hacker the disgruntled former employee or the current employee with an ulterior motive. What they may not realize is that accidental insider threats are equally dangerous, even though they may not receive the same attention. These negligent insiders can be employees or third-party vendors (think partners, contractors, etc.).
When it comes to cybersecurity management, most CEOs and other senior executives benefit from having a birds’ eye view of the whole organization. Unfortunately, these executives don’t have the in-depth visibility they need to understand the magnitude of insider threats that lie beneath the surface, both accidental and malicious. This is where the CSO comes in.
Security leaders can’t afford to only focus on what’s coming from outside their walls. Instead, they need to look at the actions of both the employees and third-party users who hold the “keys to the kingdom,” with licensed access to valuable systems, files and data.
A false sense of securityWhile some incidents caused by insiders are malicious, many are just the result of employee carelessness. Recent data from the Ponemon Institute shows that the average number of security incidents involving employee or contractor negligence has increased by 26 percent since 2016. In the past 12 months alone, Ponemon found that negligent insider actions caused 64 percent of all insider threat incidents.
Insider threat-related breaches are on the rise, in part because employers often have a false sense of security. Results from a recent survey of 1,000 full-time employees revealed that 65 percent of respondents believe they understand the concept of an “insider threat,” and 64 percent of them also understand that careless employees, or the accidental insider threat, are the most common cause of insider threat incidents.
The fact that employees self-report deep understanding of insider threats, while insider threat-related incidents continue to rise, signals an alarming disconnect. Most employees don’t understand that they can be their organization’s biggest threat and that simple actions, like downloading non-company sanctioned software, can lead to major vulnerabilities. To combat these accidental threats, security leaders need to promote security awareness across the organization.
This is especially important as workplaces brace for an influx of Generation Z employees. Recent data revealed that Gen Z employees pose the highest overall cybersecurity risk to organizations, as more than one-third (34 percent) of 18-24-year-olds report that they don’t know nor understand what is included within their company’s cybersecurity policy.
Mitigating insider threat riskHow can cybersecurity executives ensure that their employees are not causing the company’s next breach? With threats and vulnerabilities seemingly coming from all different directions, security executives need to take a holistic approach to cybersecurity, and focus on training their people first. These leaders must then implement both processes and technology to ensure their workforce, from employees to contractors with access to systems and data, understand and adhere to the company’s cybersecurity policies.
Consider the following initial tips for implementation:
Establish training programs: Regardless of age or experience level, security awareness training should be mandatory for all employees, from day one. Education must start from the top down, and executives, from the CEO to the CSO, need to be the first to implement and understand cybersecurity policies. Define clear guidelines: Organizations need to establish clear guidelines that help cultivate a workplace where security is top of mind. They should establish regulations for employees to follow to prevent common insider threat scenarios (for example, around sharing confidential or sensitive data). Prevent data leakage: Many organizations today value transparency, especially at the executive level; however, this should not come at the expense of data security. Employees at all levels should be cautious whenever sharing sensitive information to ensure it doesn’t fall into the wrong hands. What’s next for insider threat preventionAccidental misuse can be one of the most overlooked causes of insider threats today, putting every business function at risk. Once valuable data has been leaked via inappropriate or accidental means, it’s easy for it to get into the wrong hands and jeopardize organizational security. It has never been more crucial to build processes and invest in solutions that provide clear visibility into who is doing what, when, where and why.
While the average cost of an insider-related incident now carries an $8+ million price tag, the devastating impact of an insider-lead breach is more than just financial, damaging a organization’s reputation and customer trust for the foreseeable future.
Continued education across the employee base, alongside full visibility into an organization’s vendors, partners, and employees using tools and technology, can ensure that both malicious and accidental insider threats are thwarted in their tracks.