Why the insider threat to your IT security may be your biggest weakness

The Insider Threat Spotlight Report (2016) has a number of compelling findings for any organisation that produces, stores or transmits sensitive data. The survey of 500 cybersecurity professionals suggests that the threat of insider agents – both malicious and unintentional – is growing by the day.

The insider threat is doubly dangerous because insiders have the opportunity and the means to steal, corrupt and otherwise damage data and systems. Citibank learned this lesson the hard way, when Lennon Ray Brown, a disgruntled Citibank computer engineer, decided to take revenge for a disappointing performance review by erasing the configuration code in nine servers. His actions caused 90% of Citibank networks across the US to lose connectivity.

According to the Insider Threat report, “Seventy-four percent of organizations feel vulnerable to insider threats. However, less than half of all organizations (42 percent) have the appropriate controls in place to prevent an insider attack.”

Of course, preventing insider attacks is easier said than done. As Guy Bunker of Clearswift explained in an interview with Infosecurity, “The genie of company data is out of the bottle. In the old days company data sat on a server in the data center protected by access control and perimeter defenses. Now it’s everywhere.”

Employees expect freedom, autonomy and control. Employees want to bring their own devices to work and continue working when they get home. Employees unwittingly carry sensitive data onto trains, planes and taxis. The simple mistake of losing a smartphone becomes a potentially devastating act of corporate sabotage.

While the insider threat is difficult to manage, the potential financial penalties are highly motivating. “Over 75 percent of organizations estimate insider breach remediation costs could reach $500,000. Twenty-five percent believe the cost exceeds $500,000 and can reach in the millions.”

A recent data breach affecting French naval contractor DCNS has led the Indian government to shelve a planned order for three submarines, resulting in many millions in lost revenue.

So what can organisations do to reduce the risks that come from within? According to the survey, 62% of respondents think employee training – and greater awareness – is part of the solution. In fact, 72% of respondents are already offering training to employees on how to identify security risks.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.
