Articles about insider threats

We tend to think of cybersecurity as being a technology problem, but in fact it’s often about humans. Attackers exploit our weaknesses with social engineering, phishing and other attacks designed to trick us into giving up valuable information.

A new whitepaper released today by KnowBe4 looks at the core principles of a modern human risk management (HRM) approach and how organizations can apply the framework to strengthen security culture and drive measurable change in employee behavior.

Continue reading →

A new study sponsored by OPSWAT, a specialist in critical infrastructure protection, reveals that organizations face escalating risks from insider activity, legacy tools, and the growing complexity of artificial intelligence (AI).

Based on research carried out by the Ponemon Institute, the report finds that in the past two years, 61 percent of organizations have suffered file-related breaches caused by negligent or malicious insiders, at an average cost of $2.7 million per incident.

Continue reading →

As cyber threats become more frequent and complex, CISOs are increasingly concerned about their organization’s ability to withstand a material attack. 76 percent feel at risk of experiencing a material cyberattack in the next 12 months, yet 58 percent say they are unprepared to respond.

The latest Voice of the CISO report from Proofpoint surveyed 1,600 global CISOs across 16 countries and finds human behavior remains a critical vulnerability, with 92 percent attributing at least some data loss to departing employees.

Continue reading →

Artificial intelligence is making insider threats more effective according to a new report which also shows that 53 percent of respondents have seen a measurable increase in insider incidents in the past year.

The survey, of over 1,000 cybersecurity professionals, from Exabeam finds 64 percent of respondents now view insiders, whether malicious or compromised, as a greater risk than external actors. Generative AI is a major driver of this, making attacks faster, stealthier, and more difficult to detect.

Continue reading →

A recent study from IBM revealed that insider threats were the costliest data breaches of 2024, averaging $4.99 million per incident.

Andrius Buinovskis, cybersecurity expert at security platform NordLayer, says that as more companies adopt a browser-first approach, mitigating insider threats will become even more challenging because of the limited visibility security administrators have into employee activity taking place within the browser.

Continue reading →

Security operations teams often struggle with complex tools, legacy pattern-matching DLP, manual policy tuning, and alert fatigue. This can slow investigations, increase overhead, and reduce security effectiveness.

While traditional DLP solutions aim to tackle these challenges, they require constant human intervention, generate high false positive rates, and often miss sophisticated threats that bypass simple pattern recognition. That’s why Nightfall is launching an autonomous Data Loss Prevention platform.

Continue reading →

Insider security incidents remain a problem for business, yet many organizations struggle with limited budgets, minimal talent resources, and tools that fail to detect subtle insider threat patterns.

OpenText is launching a new Core Threat Detection and Response solution, an AI-powered product designed to address the growing challenge of insider threats and advanced attacks.

Continue reading →

Security is always a bit like a game of whack-a-mole in that you never quite know where the next incident is going to pop up. On the face of it, this shouldn’t be too hard. Everyone knows to secure your PII, PHI, customer financials, production environments, and other resources that are clearly highly sensitive. But sometimes the question of what is sensitive is less black and white, filled with plenty of gray areas.

This uncertainty can lead to organizations failing to properly secure their resources, as we saw in the recent incident over at Disney. 

Continue reading →

Malware, ransomware, and phishing. These are just a few examples of software disruptors that can wreak havoc on a business and cause major personal and financial loss.

Most recently, organizations and vendors have gotten good at protecting their business from malware and infiltrations from the outside. Their security has gone up, so it's now more difficult and expensive for an outside attacker to attack this traditional way. Additionally, organizations have gotten smarter about preventing ransomware and not falling for the ransomware attack by paying the ransom. Most organizations won't pay the ransom anymore because governments don't want them to.

Continue reading →

Insider threats are usually thought of as being down to disgruntled or careless employees, but a new report from risk management specialist DTEX finds insiders have never been more vulnerable to interference from nation state actors.

The report, by the DTEX Insider Intelligence and Investigations (i3) team, based on more than 1,300 investigations within DTEX's global customer base, finds investigations into insider threats from nation-states and foreign interference increased 70 percent since 2022, mainly within critical infrastructure and public sector.

Continue reading →

According to a new report, 74 percent of all cyber breaches are caused by human factors, including errors, stolen credentials, misuse of access privileges, or social engineering.

More than two-thirds believe employees are putting the organization at risk through the misuse of email, oversharing company information on social media, and careless web browsing. This highlights the need for staff to receive better training on the risks.

Continue reading →

A new report shows that 66 percent of organizations in the UK experienced at least one successful phishing attack in 2023 compared to 91 percent the previous year.

However, the study from Proofpoint shows the negative consequences of attacks have soared, with a 30 percent increase in reports of financial penalties, such as regulatory fines, and a 78 percent increase in reports of reputational damage.

Continue reading →

An overwhelming majority of global organizations admit they are ill-prepared to handle the steady increase in insider threat activity, according to new research conducted by Cybersecurity Insiders and announced today by Securonix.

While 76 percent of organizations have detected increased insider threat activity over the past five years, less than 30 percent believe they are equipped with the right tools to handle them.

Continue reading →

AI has officially taken off, yet organizations are squarely divided on their use in the workplace.  Organizations that encourage the use of AI and Large Language Model (LLM) tools for productivity are willing to accept the security risk but often lack the policies, education, and controls required to mitigate potential security risks, including those posed by insiders.

On the other hand, companies that take a hard line against the tools by implementing strict rules against any installation or use of AI-LLMs may cause their employees to be less productive. Fortunately, there is a middle ground that balances productivity with security and, importantly, with insider risk management.

Continue reading →

As we look ahead to the coming year, Trellix Advanced Research Centre recently shared its predictions for 2024. Among them, it highlighted that as connected devices continue to proliferate, and hybrid and remote workforces persist, insider threats will only continue to grow.

This expected increase is especially worrying as research has already shown that breaches caused by employees have seen a 47 percent increase over the last two years, whether accidental or malicious. Annually, 34 percent of all businesses will suffer an insider threat incident, costing an estimated eye-watering $15.38m per occurrence, so the predicted increase is particularly frightening.

Continue reading →