can be compounded when more than one risk is present , such as a user who introduces malware into a network that has also implemented weak passwords or uses misconfigured devices .
Resources most likely to be targeted by malicious actors
In addition to the general mayhem that can be caused by an insider , there are specific systems that are the most likely to be targeted . Because the majority of attackers are financially motivated , financial systems are at the top of the list of resources at risk . However , for industrial espionage attacks , research and development resources and customer support systems are top targets .
The one thing almost all attacks have in common , however , is the targeting of data – whether to steal it or destroy it . And the king of data is customer information . User PII ( Personally Identifiable Information ) that can be extracted and sold on the black market can generate significant financial rewards for an inside attacker . Close seconds are intellectual property that can be sold to competitors or held for ransom and financial data that can be used for such things as insider trading .
Insider threats on the rise
Concerns about insider threats aren ’ t just a fire drill . Over two-thirds of organisations believe that insider attacks have become more prevalent over the past year , with nearly half of companies reporting having experienced between one and five critical cyber incidents caused by an insider in the past 12 months .
The reasons range from a lack of employee awareness and training to insufficient data protections in place . One of the most concerning trends , however , is the amount of data that now moves outside the traditional data centre perimeter due to the growth of mobile devices , increased reliance on web applications and the rapid transfer of data to the cloud . And given that a well-meaning employee with a credit card can subscribe to a cloud service that IT isn ’ t even aware of and then store data there , something known as shadow IT , the potential for the negligent or even malicious compromise of data continues to escalate .
The biggest challenge with these threats is that they are so difficult to identify . These insiders already have credentialed access to the network and services , so few – if any – alerts are triggered when they begin to behave badly . And given the increased amount of data already leaving the traditional network perimeter , it is easier to hide data theft than ever before .
An effective insider threat programme
There is no magic pill to make this challenge go away . It requires planning , implementing and repurposing technologies and gaining a holistic
User PII ( Personally Identifiable Information ) that can be extracted and sold on the black market can generate significant financial rewards for an inside attacker .
38 www . intelligentciso . com