Who are the Insider Threat Actors?
An insider threat is anyone “inside” an organization who has, or previously had, authorized access to the organization’s resources. These resources may include the organization’s facilities, personnel, equipment, systems, networks, and sensitive data and information. Insiders may include:
- Persons who know an organization’s business goals and strategies.
- Persons to whom an organization has supplied authorized access to its systems and networks.
- Employees, particularly department leaders, who are trusted individuals given access to data, logs, or other sensitive information.
- Persons who have continuous, regular, or periodic access to an organization’s data and networks, including vendors, repairmen, technicians, and contractors.
- Persons who develop the products and services and know the strengths and weaknesses of an organization’s offerings, including pricing, costs, and ideas.
Types of Insider Threats in Cybersecurity
- Malicious insider – a high-privileged user, such as a network administrator, partner, or person with permissions across sensitive data, who uses this information for personal or financial gain.
- Disgruntled ex-employee – a person who left the company with data and destroys the data or accesses company networks after their departure as revenge for termination of employment.
- Reckless third parties – vendors, contractors, and repairmen who compromise the organization’s security and safety through carelessness, misuse, or malicious access.
- Inside agent or mole – a “spy” who works to divulge vital information to a rival organization.
- Careless employee – one who mishandles data, engages in reckless security behavior, installs unauthorized applications, and does not adhere to cybersecurity protocols.
- Compromised employee – one who may accidentally click a malicious link or attachment by failing to recognize a phishing email.
Preventing Insider Threats
- Train employees. 62% of insider threats in cybersecurity are directly related to employee compromise and negligence. Most insider threats are unintentional and happen because employees lack cybersecurity awareness. Anti-phishing training using phishing simulations will encourage employee awareness.
- Build a cyber-secure work culture by focusing on cyber hygiene across your organization. Employees should be trained to recognize and report risky behavior, negligence, or carelessness to IT or HR departments.
- Coordinate with cross-functional leaders, especially HR departments, to identify and monitor possibly disgruntled employees.