decrypting myths
Seven top tips on
how to prevent
and cope with an
insider threat
An inside job brings up
images of bank raids and
heists but in the modern world
companies should be thinking
just as seriously about the
cyberthreat coming from within
their own business, says Tom
Huckle, Lead Cyber Security
Consultant, Crucial Academy.
T
he possibility
that a breach or
a cyberattack
could be down to
an employee or
former employee
is growing all
the time. It could be a malicious attack
from a disgruntled member of staff
who has recently been sacked or who
has a grudge against the business,
for instance. But more often the
threat comes from the unintentional
actions of untrained employees which
put the business at risk and create
cybervulnerability.
It is well known that a high percentage of
data breaches are down to human error
or lack of awareness and cyberpredators
are ready to take advantage.
Here are seven key tips to preventing an
inside job – and dealing with it efficiently
if the worst happens. . . .
www.intelligentciso.com
|
Issue 09
1. Start with the basics –
train your staff to spot a
phishing email
Phishing is an extremely simple scam
which is easy to avoid with the correct
training. However, approximately 94%
of malware enters a network via this
method. Phishing emails are becoming
more sophisticated, deliberately
targeting staff with messages that
appear to be addressed to them
individually from clients or suppliers.
Many include attachments which mimic
anything from invoices to tax documents.
Conducting fun, interesting and easy-
to-implement staff training on a regular
basis is key.
2. Ensure former employees
do not have access to files
and systems
A fired employee can be a significant
insider threat if they are able to access
67