Insider Threats to Business Continuity

If you looked around you, could you pick out which of your colleagues is an insider threat? Maybe, but probably not. And, if you could, what would/could you do about it? Sadly, most organizations do not have a much better chance of picking out the threats than you do and less of an idea on how to mitigate the risk they present. If you don't know how to identify and deal with these human risks, however, your organization can suffer serious consequences. Take a look through this week's articles to find some ideas on how to deal with insider threats.

Here's why you need a proactive approach to protecting information assets from authorized users with malicious intent. (Item #1)     While the motivations are usually the same, there are three distinct, but different, types of insiders that can pose a threat to your organization's security. (Item #2)     Organizations can successfully mitigate insider threats using the measures outlined here. (Item #3)    

In this article TK Keanini looks at the practical steps that organizations can take to protect data and systems from insider threats. (Item #4)     Teach your employees to keep a secret - after all, your company's secrets are the treasures you're trying to protect. (Item #5)     The answer to the question of why some companies would have no special protection against insider threats is an easy one: leaders and managers who make those decisions are people too and given to naturally positive human assumptions and ignorance. (Item #6)    

As always, I look forward to hearing about your concerns with regard to business continuity. If there are any topics that you'd like to see covered, email me at bmellinger@attainium.net.

Bob Mellinger, President
Attainium Corp

1. Managing Insider Threats

When it comes to cybercrime, incidents caused by external actors dominate news headlines. But senior executives know that security breaches by insiders--employees and business partners with trusted access--can be even more damaging. Yet the majority of businesses are unprepared for these insider threats.
https://www.pwc.com/us/en/increasing-it-effectiveness/publications/assets/managing-insider-threats.pdf

2. The three types of insider threat

While protecting sensitive information in paper form is still a daunting task for security professionals, today is different as the previously one-dimensional insider threat now has three dimensions. Though there are many areas to consider when discussing the insider threat (i.e. mergers, acquisitions, supply chain interaction, globalization), there are three classes of insiders: trusted unwitting insider, trusted witting insider and the untrusted insider.
http://www.csoonline.com/article/2128501/access-control/the-3-types-of-insider-threat.html

3. Six technical measures to mitigate insider threats

There are technical measures that can be embraced to help mitigate the risks brought upon by malicious insiders. These technical measures work in tandem with non-technical measures and can be leveraged before, during and after an incident.
http://www.csoonline.com/article/2135532/network-security/6-technical-measures-to-mitigate-insider-threats.html

4. Why insider threats are succeeding

Many companies still lack the means or motivation to protect themselves from malicious insiders; but the effects of insider threats are simply too big to ignore. According to a report by the market research company Forrester, 46 percent of nearly 200 technology decision-makers reported internal incidents as the most common cause of the breaches they experienced in the past year. Out of those respondents, almost half said the breach stemmed from a malicious insider.
http://www.continuitycentral.com/index.php/news/technology/251-feature1314

5. Economic Espionage: The Global Workforce and the Insider Threat

It isn't natural to think of your colleagues, be they in the next cubicle or across the globe, as a threat -- and most aren't. Sadly, a good deal of industrial, corporate or economic espionage is made possible or conducted by these colleagues, or as they are referred to today, insiders. Who would think Walt Kelly's famous quote, "We have met the enemy and he is us," would be applicable to deciphering and mitigating the risk to a company's information some 45 years later.
https://securityintelligence.com/economic-espionage-the-global-workforce-and-the-insider-threat/

6. How to identify and thwart insider threats

According to insider threat detection firm SpectorSoft, insiders whose behavior purposely or inadvertently threatens the enterprise and its data fit several archetypes, each with clear profiles, behaviors, intentions, and associated threats. CSO explores insights into insiders such as moles, imposters, disgruntled employees, hacktivists, ringleaders and those who feel entitled together with how companies can 'pause' and 'delete' them.
http://www.csoonline.com/article/2987440/data-protection/how-to-identify-and-thwart-insider-threats.html