What do you consider the biggest threat to your business’s information security? Profit-motivated hackers? Phishers and identity thefts? State-sponsored attacks?
When it comes to cybersecurity, headlines plus common sense suggests that employers would consider outside threats to be the most dangerous source of data leaks and security breaches. However, according to a recent SANS Institute and SpectorSoft report, 74% of IT professionals are most suspicious or concerned about their own employees.
This is no new concept. Vulnerability is all too common in nearly every industry—even the government can’t get its act together. According to SpectorSoft’s survey, 32% of IT security enterprises have “no technology or process in place to prevent an insider attack.”
Insiders who pose a threat often fit certain patterns—odd behavior, misguided intentions, threatening statements, etc. This includes moles, imposters, disgruntled employees, and hackers—all of whom usually believe they have been deprived or mistreated, that their dismissal was unwarranted, or simply feel entitled and resentful of their employer.
Why would so many companies fail to protect themselves? To put it simply, those in charge often feign ignorance and maintain the mindset that it couldn’t happen to them or their company. To that end, an organization cannot predict an employee’s actions at the point-of-hire.
According to SpectorSoft, those who pose a threat will likely hold or have held a position that allows access to important data and insider credentials. Furthermore, they will mostly likely be seeking revenge or justice for ‘real or imagined wrongs’ of the company.
The best thing businesses can do is employ detection methods and security scans to pick up on any suspicious activity. While incident response plans may seem frivolous, utilizing a solution is the best way to shield your enterprise. To choose the best solution for your enterprise, check out our SIEM 2016 Buyer’s Guide to ensure you’ve got the right one in place.
Widget not in any sidebars