Know your enemy from inside

Insider Threat

An insider threat is a malicious threat to an organization that comes from the trusted layer within, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems.

The trusted layer comprises from various types of users who are entitled with privileged access to review, modify and operate the organisation's data and infrastructure. These are potential employees, management level and contractors.

Types of insider threats

There are two distinct insider threat personas: the Negligent Insider and the Malicious Insider. The Negligent Insider is someone who accidentally exposes data and did not intend to do anything wrong, or the employee who knowingly violates the company’s security policy for convenience’s sake, but does not do so maliciously. The Malicious Insider intentionally sets out to harm the organization either by stealing data or damaging systems.

The CERT Insider Threat Center at Carnegie Mellon University reports most of the incidents fall into one of three categories:

  • IT Sabotage: destruction of data or systems

  • Fraud: theft of confidential data from the network for financial gain

  • Theft of Intellectual Property: theft of IP in order to gain a competitive advantage or business gain

Conclusion

Protecting your systems and information requires implementing technology that monitors data and network activity from the inside-out. Traditional security solutions are developed to identify and prevent outside attackers from getting into the network, but are ineffective against the insider threat.

Just as importantly as technology that enables real-time monitoring of the network to identify suspicious insider and outsider activities, is employee education and training on how to avoid activities that expose data and provide them with best practices on how to identify and manage insider threats.

  • LinkedIn Social Icon
  • Twitter Social Icon

Copyright © 2019 - Powered by SABASAI. All Rights Reserved.

 5 Martin Place Sydney 2000, NSW

 +61 2 8005 0564

 

 contact@sabasai.com

APAC HEADQUARTER

SABASAI is pioneered in delivering a unique corporate cyber security approach by integrating best-of-breed solutions from top class vendors along with our own technical expertise and consultancy services. Headquartered in Sydney, Australia, we are active across APAC with our strategic partners & alliances to address the fastest growing risk  - The Insider Threat.

WHO WE ARE

SABASAI

Manage Insider Threats
Eliminate Business Risks