8 of the world’s biggest insider threat security incidents

Introduction

If you work in security or are just interested in the general area of cybersecurity you will no doubt have heard of the dreaded insider threat. In the context of cybersecurity threats, the word “insider” covers a spectrum of people, from a simple accident that leads to data exposure to a state-employed spy who steals corporate secrets.

Insider threats are a special kind of cybersecurity issue as they can be the most difficult to detect. The figures and the level of attacks over recent years show how true this is.

The National Insider Threat Awareness Month (NIATM), which happens during September, has been designed to help raise awareness of insider threats. As part of NIATM, this post will look at some of the shocking levels of insider threats that industry has to deal with and some of the real-life stories behind them.

Figures that reveal the level and breadth of insider threat

An insider threat is multi-faceted, affecting the entire ecosystem of work, employees and non-employees. As more of us join the remote working revolution, it is also likely that accidental or non-malicious insider-based threats will continue to compound the problem.

Insider threats are complicated in their sensitivity and detection. They can stem from several sources such as simple mistakes in configuring a database securely to sharing passwords with colleagues to malicious and proactive theft and attacks on IT resources and information. But pointing the finger at a workmate requires evidence, and this evidence can be difficult to find without the correct tools and analysis. 

The figures for insider threats speak for themselves. Here are some of the latest findings:

  • The 2020 Insider Threat Report found that in 68% of organizations, insider attacks are increasing
  • According to a 2020 survey from encryption vendor, Apricorn, 57% of companies believe (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Susan Morrow. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/OWhQsRIpIog/