Insider Threats: Still Not Cheap
The insider threat is a completely viable attack vector, whether the act is intentional or unintentional. At a not significant level, there will be the opportunity for an insider to intentionally steal data via email or a thumb drive as they leave at the end of the workday. There are also the unintentional acts of the hapless worker who answers their emails as they should, but also clicks on a link or picture from someone they thought they knew.
The operational effects of these can range from the trivial, such as a reimage of a workstation, to a full password reset for a global corporation across several time zones and languages. The costs vary wildly, depending on the impact, the number of persons involved, the type of equipment affected, and the types of systems compromised.
A recent study, the “2018 Cost of Insider Threats: Global Organizations”, cited the average annual cost for insider threats at $8.76M. This average cost is still rather significant. It has the opportunity to affect many facets of a business, including the loss of confidential data, lack of operations and productivity, and loss of rapport.
Although this amount of insider threat compromise will never be zero, there are methods to reduce it to a manageable level. To succeed and thrive, the company needs to understand the causes of this rampant issue. With 2016 used as a baseline, the number of issues resulting from contractors more than doubled to 53%. Notably, the number of issues involving credential theft has likewise increased significantly. A critical cause of the incidents is negligent acts by the insider. As these are unintentional, there is a training opportunity for users to understand the importance of paying attention to what they are clicking.
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.