Friday, May 9, 2025

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Creators Network
    • Latest Posts
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Analytics & Intelligence Security Bloggers Network Threats & Breaches 

Home » Cybersecurity » Analytics & Intelligence » Insider Threats are on the Rise

SBN

Insider Threats are on the Rise

by Jane Grafton on June 30, 2020

Insider threats are on the rise. The global pandemic has seen an exponential growth of cyberattacks targeting remote workers. This has dramatically impacted organizations worldwide as they struggle to maintain a secure working environment. With COVID-19, we have seen a dramatic increase in insider threats across the board, including malicious employees, accidental negligence, third party contractor or vendor misuse, and account compromise attacks. We’ve seen layoffs and reductions in work hours resulting in job dissatisfaction. Disgruntled employees can quickly turn into malicious actors looking for financial gain. The statistics aren’t encouraging. We need a better way to fight the rise of insider threats.

WSJ Survey Found 67% Of Companies Worry About Malicious Employees

In a recent Wall Street Journal Pro Research Survey of cybersecurity executives at nearly 400 companies, 67% said they were concerned about malicious employees. The results were published on Monday, June 22, 2020. The larger the company, the greater the concern about malicious insiders. Further, concern over the rise of insider threats grows to a greater degree than concern about other cybersecurity threats.

Percentage of respondents who consider the following actors to be cybersecurity threats:

Techstrong Gang Youtube
AWS Hub

The publication also points out that companies are struggling with solutions to address the rise of insider threats. It is not easy to detect malicious employees before they exfiltrate data or IP. Behavioral analytics is one of the most successful technologies to proactively identify in real-time when an employee’s behavior differs enough to be suspect – to then be reviewed for corrective action.

DHS Expands Insider Threat Program

In other news, the Department of Homeland Security announced on June 16, 2020 that the agency is expanding its Insider Threat Program (ITP). The program will expand from those having access to classified materials to encompass, “all those with past or current access to DHS facilities, information, equipment, networks, or systems.”

Why do you think that is? As we’ve seen time and time again, the insider threat includes employees, partners, vendors, and contractors – past and present. The DHS found that the behavioral indicators it had been using to flag cases for additional analysis were created for a smaller population. They did not account for the expanded scope of the ITP. The historical trends and specific conduct missed critical insider access beyond the scope of the original ITP. This just proves the point that coverage is critical when it comes to predicting, detecting, and stopping the insider threat. The Edward Snowden case is an unforgettable reminder that organizations must include third party vendors and subcontractors in their insider threat programs. To combat the rise of insider threats, you need to implement comprehensive coverage to include the extended workforce and partner community.

The Enemy Within: How Insider Threats Are Changing

Gurucul was fortunate to participate on a recent Threatpost Webinar entitled, “The Enemy Within: How Insider Threats Are Changing.” During the webinar, the panelists discussed how to detect and prevent today’s insider-based malicious activity. With the rise in work from home cyberattacks, the conversation turned to how to address phishing scams, business email compromise, spoofing, and impersonation attacks.

Employee training and awareness is critical to overcoming the cybersecurity gaps heightened by the porous remote work perimeter. Technology plays a huge part as well. Once again, behavioral analytics takes center stage as a crucial weapon in the fight against insider threats. Behavior is the leading threat indicator when it comes to detecting malicious insider activity. Machine learning based behavior analytics has proven to successfully and continuously predict and stop insider threats in real-time.

During the webinar, the Threatpost editors polled the audience on the rise of insider threats. Here is what we learned:

 

How vulnerable is your organization to insider threats?
Insider Threat Program
Insider Risk

 

Where Do We Go from Here?

There’s no doubt we will continue to see the rise of insider threats during this global pandemic. Best practices dictate we all need to pay closer attention to what we’re doing online with company data on personal devices, over WiFI networks. We also need to implement the right tools and technologies to bridge the gap between what we can and can’t control. We can’t control cybercriminals and they are incessantly leveraging COVID-19 in their account compromise, BEC and impersonation attacks.

Gurucul can help. We work with the Carnegie Mellon University CERT team on best practices for using threat intelligence to identify insider threat behavior patterns. Contact us for details.

The post Insider Threats are on the Rise appeared first on Gurucul.


Recent Articles By Author
  • UEBA vs SIEM: The Key Differences of Each Solution
  • What is XDR? Concepts and Benefits
  • RSA 2023 Survey Reveals the Biggest SIEM Challenges Facing the SOC Today
More from Jane Grafton

*** This is a Security Bloggers Network syndicated blog from Blog – Gurucul authored by Jane Grafton. Read the original post at: https://gurucul.com/blog/insider-threats-are-on-the-rise

June 30, 2020June 30, 2020 Jane Grafton Account Compromise, behavior analytics, Blog, insider threat
  • ← Hunters Raises $15 Million in Series A Funding to Speed Enterprise Breach Detection & Response with Autonomous Threat Hunting
  • Expanding the Serverless War Chest With AWS EFS →

Techstrong TV

Click full-screen to enable volume control
Watch latest episodes and shows

Mobility Field Day

Upcoming Webinars

Software Supply Chain Security: Navigating NIST, CRA, and FDA Regulations
Is DevEx the Same as DevSecOps?

Podcast

Listen to all of our podcasts

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

ThreatLocker

Most Read on the Boulevard

Beyond Traditional Vendor Management: Navigating AI Risks in the Supply Chain 
Are You Too Reliant on Third-Party Vendors for Cybersecurity? 
Why EASM Projects Fail: Three Pitfalls to Avoid 
IRONSCALES Extends Email Security Platform to Combat Deepfakes
U.S. Wins One, Maybe Two, Extradition Petitions in Unrelated Cases
Urgent Warning for Gmail Users: 1.8 Billion Accounts at Risk
Strengthening Software Security Under the EU Cyber Resilience Act: A High-Level Guide for Security Leaders and CISOs
RSAC 2025: The Unprecedented Evolution of Cybersecurity
The Rise of AI-Powered Bots in Payment Fraud & How FinTechs Can Protect Themselves
Relax with Robust NHI Security Measures

Industry Spotlight

SMBs Know They’re At Risk, but Most Aren’t Embracing AI
Cloud Security Cybersecurity Data Privacy Data Security Endpoint Featured Industry Spotlight Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence 

SMBs Know They’re At Risk, but Most Aren’t Embracing AI

May 8, 2025 Jeffrey Burt | Yesterday 0
U.S. Wins One, Maybe Two, Extradition Petitions in Unrelated Cases
Cloud Security Cyberlaw Cybersecurity Data Security Featured Identity & Access Industry Spotlight Malware Network Security News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

U.S. Wins One, Maybe Two, Extradition Petitions in Unrelated Cases

May 5, 2025 Jeffrey Burt | 3 days ago 0
California Man Will Plead Guilty to Last Year’s Disney Hack
Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Industry Spotlight Malware Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Threats & Breaches 

California Man Will Plead Guilty to Last Year’s Disney Hack

May 5, 2025 Jeffrey Burt | 3 days ago 0

Top Stories

Trump Proposes Cutting CISA Budget by $491 Million
Cloud Security Cyberlaw Cybersecurity Data Security Featured Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

Trump Proposes Cutting CISA Budget by $491 Million

May 7, 2025 Jeffrey Burt | 1 day ago 0
Spyware Maker NSO Ordered to Pay WhatsApp $168 Million for 2019 Hack
Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security Featured Identity & Access Malware Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

Spyware Maker NSO Ordered to Pay WhatsApp $168 Million for 2019 Hack

May 7, 2025 Jeffrey Burt | 1 day ago 0
IRONSCALES Extends Email Security Platform to Combat Deepfakes
AI and ML in Security Cybersecurity Deep Fake and Other Social Engineering Tactics News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches Vulnerabilities 

IRONSCALES Extends Email Security Platform to Combat Deepfakes

May 5, 2025 Michael Vizard | 3 days ago 0

Security Humor

Randall Munroe’s XKCD ‘Globe Safety’

Randall Munroe’s XKCD ‘Globe Safety’

Download Free eBook

The Dangers of Open Source Software and Best Practices for Securing Code

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Creators Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2025 Techstrong Group Inc. All rights reserved.
×

Security in AI

Step 1 of 7

14%
How would you best describe your organization's current stage of securing the use of generative AI in your applications?(Required)
Have you implemented, or are you planning to implement, zero trust security for the AI your organization uses or develops?(Required)
What are the three biggest challenges your organization faces when integrating generative AI into applications or workflows? (Select up to three)(Required)
How does your organization secure proprietary information used in AI training, tuning, or retrieval-augmented generation (RAG)? (Select all that apply)(Required)
Which of the following kinds of tools are you currently using to secure your organization’s use of generative AI? (select all that apply)(Required)
How valuable do you think it would it be to have a solution that classifies and quantifies risks associated with generative AI tools?(Required)
What are, or do you think would be, the most important reasons for implementing generative AI security measures? (Select up to three)(Required)

×