Articles about insider threats

The stark reality of cybersecurity today isn't merely a question of advanced software or strategic counterattacks. It's about people.

The financial impact is undeniable with cybercrime costs projected to reach an astonishing $10.5 trillion annually by 2025. Yet, beneath these figures lies a more pressing issue: the exploitation of human psychology.

Continue reading →

Modern security teams need a 360-degree perspective if they are to successfully deal with all the risks they face. As well as protecting networks and data from external threat actors, organizations must also look at the risks posed by insiders -- a major security problem that brings a unique set of challenges.

Indeed, the issues associated with insider threats are growing to near ubiquitous levels. According to recent industry research, three-quarters of organizations say insider attacks have become more frequent, with more than half experiencing an insider threat in the last year. A major part of the challenge is identifying where the threats are coming from, given that employees and contractors already have varying levels of permitted access to systems. While the motivation for insiders can be malicious, employee errors can also result in hugely damaging security breaches.

Continue reading →

"Are we secure?" For most security leaders, this is one of the most daunting questions they can be asked. While it may seem like a basic inquiry for those in leadership positions, for those on the ‘cybersecurity front line’, thinking in these terms is far too vague and oversimplifies a complex and ever-evolving threat landscape.

Instead, management and IT teams need to shift their thinking to a far more appropriate measure of security:  "Are we adversary aligned?" But what does adversary alignment really mean?

Continue reading →

A new report into hidden threats from Ivanti finds that one in three employees believe their actions do not impact their organization's security.

The research also shows that Millennial and Gen Z office workers are more likely to have unsafe cybersecurity habits when compared to Gen X and older (those above 40 years of age).

Continue reading →

Insider risk poses the most serious threat to data and operations, yet most organizations still lack a security strategy designed to confront it.

The Ponemon Institute’s 2023 Cost of Insider Risks: Global Report found that insider risk -- whether unintentional or intentional -- has continued to rise over the past two years while the costs of breaches have risen as well. The 309 organizations benchmarked over a 12-month period averaged 24 incidents each, with a total average cost of $16.2 million.

Continue reading →

Almost every organization freely admits that people are the biggest risk to their security and are most vulnerable when using email. While the 'outbound' risk of an employee accidentally or intentionally leaking data is very clearly categorized as an insider risk, even a phishing attack that originates from outside the organization requires an insider to, essentially, open the door.

And it’s a valuable vulnerability for threat actors to be aware of; the FBI reported that Business Email Compromise (BEC) scams accounted for $50 billion in losses between June 2016 to December 2022.

Continue reading →

In 2023, the total average annual cost of an insider risk increased to $16.2 million, a 40 percent increase over a four-year period.

This is among the findings of a new insider risks report from DTEX Systems, based on research from the Ponemon Institute. The study also shows that the average number of days taken to contain an insider incident has increased to 86 days.

Continue reading →

Insider threats are far more commonplace than one would expect -- accounting for about 20 percent of all data breaches.

Though the term ‘insider threat’ conjures up images of disgruntled employees with malicious intentions or moles within an organization, the reality is that the majority of vulnerabilities of this nature are attributable to accidental, negligent insiders. As Okey Obudulu, CISO at Skillsoft, explains: "More often than not, insider threats are unintentional. Innocent acts -- such as sending an email to the wrong person or accidentally clicking on a phishing link -- can have devastating security consequences." Of course, what cybercriminals love more than anything is an unsuspecting and improperly trained employee to take advantage of…

Continue reading →

Some people do not see the big picture, thinking there is only one type of insider risk (i.e. malicious). As a result, they often think that mitigating insider risks can be done with a one-size-fits-all approach. That is a fallacy. To counter that myth, let's shed a little light on the different types of non-malicious insider risks and what companies can do to prevent them from becoming an insider threat (i.e. malicious).

There are three different types of non-malicious insider risks, and each one requires a different approach to mitigation. According to MITRE, the three types of non-malicious insider risks are:

Continue reading →

Poor data controls and the advent of new generative AI tools based on Large Language Models (LLMs) will lead to a spike in insider data breaches over the coming year, says cybersecurity company Imperva.

As LLM-powered chatbots have become more powerful, many organizations have implemented complete bans or restricted what data can be shared with them. However, since an overwhelming majority (82 percent) have no insider risk management strategy in place, they remain blind to instances of employees using generative AI to help them with tasks.

Continue reading →

A new survey of UK small and medium enterprises shows that 47 percent believe they are at greater risk of a cyberattack since the cost-of-living crisis.

The study from CyberSmart reveals that 38 percent believe this is due to increased malicious insider threats such as disgruntled employees making decisions that are not in the best interest of the company. While 35 percent believe it is due to negligent insider threats such as overworked or distracted employees making mistakes.

Continue reading →

The modern workplace is, to put it mildly, unsettled. The employee/employer relationship has been fractured in the wake of a chain of events that includes the COVID-19 shutdowns, the increase in remote work, the Great Resignation and the recent rash of layoffs combined with a labor market that nevertheless remains stubbornly tight.

A disconnect between employers and employees has emerged concerning work-life balance and the familiar-but-vague concept known as "organizational commitment," driven in part by social media-fueled myths such as "quiet quitting.”" A key concern for employers is that, according to workplace theory and several case studies, a lower level of "organizational commitment" among employees leads to an increase in the likelihood of insider threats. Whether they are leaving companies or staying on the job, employees who aren’t committed to their organizations are more likely to steal critical information.

Continue reading →

Insider attacks including fraud, sabotage, and data theft, plague nearly three quarters (71 percent) of US businesses, according to Capterra's 2023 Insider Threats Survey.

Perhaps unsurprisingly companies that allow excessive data access are much more likely to report falling victim to insider attacks. However, only 57 percent of companies limit data appropriately while 31 percent allow employees access to more data than necessary and 12 percent allow employees access to all company data.

Continue reading →

Although more than 70 percent of companies say they have an insider risk management (IRM) program in place, the same companies experienced a year-on-year increase in data loss incidents of 32 percent, according to a new report from Code42 Software.

Based on a survey of 700 cybersecurity leaders, cybersecurity managers and cybersecurity practitioners in the US, conducted by Vanson Bourne, the report shows 71 percent expect data loss from insider events to increase in the next 12 months.

Continue reading →

More and more IT professionals are dealing with a growing issue that is lurking within their own organizations. With recent high-profile data breach stories hitting the headlines, the risk posed by insider threats has become a matter of utmost concern for IT teams, with such incidents rising 44 percent over the past two years according to the 2022 Ponemon Cost of Insider Threats Global Report.

While insider threats are perceived by the general public as disgruntled employees actively sabotaging systems or stealing data to sell to competitors, the problem is much more complex than that. Due to the rising cost of living world-wide, more employees will become susceptible to the requests of malicious actors looking for potential accomplices for deploying ransomware. In addition, misusing insider access is not only limited to unleashing ransomware, as users may feel incentivized to also sell their credentials in a bid to make easy money. These risks raise huge concerns for any organization, as user privileges can be easily taken advantage of and escalated to take over critical IT resources. In fact, our own Quest security assessments found out that a significant portion of user accounts -- an impressive 70–100 percent -- have access rights that can be easily escalated by hackers to gain access to Tier Zero assets, including the Active Directory domain.

Continue reading →