We all have a clear image of the insider threat actor in our enterprise, don’t we?
Scheming, greedy, selfish, aiming either for monetary gain or deliberate sabotage by leaking your business’ most valuable digital assets or accumulated data. To be sure, some insider threats possess more than a passing resemblance to this figure; plenty of cases exist where revenge served as the sole motivation for the insider threat actor.
However, this is (probably) not true for the insider threat actor posing the most risk to your enterprise.
Indeed, sometimes the most devastating insider threat actor might simply be unaware of the cybersecurity risks they’re creating. All it takes is responding to an odd email or human error for a trusted employee to put your enterprise at risk.
Here’s the inside story on the (most likely) insider threat actor in your enterprise:
The Insider Threat Actor is Ignorant, Not Malicious
In a recent U.K. survey, 88% of data breaches over the past two years were caused by human error rather than a direct digital attack. A separate study U.K. found 2,000 reports of data breaches filed with the Information Commissioner’s Office (ICO) attributed the breach to human error. Only 292 reports cited a deliberate attack.
Though these studies focused on the U.K., ask yourself this: is your American enterprise truly any different? Are your employees any more equipped?
The most common kinds of human error leading to a data breach include sending emails or other kinds of messages to the wrong recipients, loss of paperwork, and theft of paperwork.
However, the most likely way your employees can become your digital nightmare needs a section to itself.
Phishing Attacks as Insider Threats
No insider threat actor is more pervasive than the employee victim of a phishing attack. At the same time, no insider threat actor is more unaware of the damage they’ve caused. Phishing attacks have become a staple in the modern hacker’s arsenal for a simple reason: they’ve proven incredibly effective. Without proper cybersecurity training, employees remain ignorant of the pervasiveness and danger of phishing attacks.
Relatedly, phishing attacks are only becoming more pervasive. A recent report by cybersecurity vendor Barracuda found more than 10,000 new phishing attacks in June 2018 alone. According to cybersecurity solution provider Proofpoint, malicious emails increased 36% over this quarter. Moreover, hackers have begun to refine their phishing attacks by impersonating well-known and trusted individuals and institutions with noticeable success.
One of the most perplexing challenges of modern endpoint security is confronting the shift in the perimeter from the device to the user. This means your IT perimeter is largely in the hands of your employees and their cybersecurity knowledge. Unfortunately, hackers know this all too well.
As Proofpoint discovered in their Protecting People study, lower-level employees and freelance employees constituted the overwhelming majority of phishing attack victims (60%). Phishing attacks have struck employees via social media at an increasing rate as well.
Is The Insider Threat Actor Your Fault?
Again, we aren’t talking about the malicious threat actor. Those employees are a completely different animal, requiring behavioral analytics to detect and mitigate.
The question is whether the ignorant insider threat actor is the fault of your enterprise?
This is a controversial question, but a worthwhile one. While employees should be responsible for their online behavior, this only applies if they understand the consequences of their digital actions. Despite working in the data breach era, users are still largely ignorant of what can put their credentials in danger. How can they be asked to defend themselves when they aren’t even aware to be on the defense?
Your enterprise needs to take responsibility for educating your employees on cybersecurity and endpoint security best practices. These lessons need to be made clear and engaging to ensure they are incorporated into current business processes. Cybersecurity needs to be reinforced by both refresher courses and through employee evaluations.
Further, your enterprise’s endpoint security solution needs to be able to handle this new kind of perimeter and protect your employees from the influx of malicious emails putting your enterprise at risk. If your endpoint security solution can’t prevent the initial email attacks from penetrating your perimeter, it might be time for an upgrade.
- Best Books for Defending the Digital Perimeter - September 14, 2021
- Apple Vulnerability Places All of Apple iOS at Risk - September 14, 2021
- CrowdStrike Releases 2021 Threat Hunting Report from Falcon OverWatch - September 13, 2021