Top 5 Ways to Identify and Address Insider Threats

A recent report commissioned by CA Technologies threw up some very interesting and alarming data about the threats that an insider can pose to an organization. The report found that:

  • 90% of organizations felt that insiders were a serious threat
  • 53% had experienced an insider attack in the last 12 months
  • 55% of the threat came from privileged or IT users
  • 57% identified business confidential data as being the target of an insider threat

One of the biggest problems with an insider threat is that it is just that — an insider. An insider can be a work colleague, a freelancer, someone from head office or a worker from a partner company. An insider, is, by definition, anyone who has an intrinsic or close connection to an organization.

Insiders can be of both accidental and malicious types. And, not all malicious insiders know they have become an insider threat — they are, instead, “proxy insider threats,” being used by malicious outsiders to get inside the business.

It is a complicated business to spot an insider and to then deal with them. This article will look at some ways to check if Jan from Accounts is after your data.

5 Ways That Insiders Become Threats and How to Deal With Them

The best way to know if an insider will become a threat is to know where the threats lie. Understanding the drivers behind a data breach or IT sabotage offers you an insight into the types of indicators and behavior that foretells trouble ahead.

1. The Leaver

The Problem: McAfee report that 43% of data breaches start with an insider. Sometimes the issue begins just as the insider leaves. The case of Jason Needham demonstrates this well.

Mr. Needham worked for the Allen and Hoshall engineering firm but left in (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/KYz2zNrAjc4/