Home Featured Insider Threats and Mitigating the Harm They Cause

Insider Threats and Mitigating the Harm They Cause

Get started on your cybersecurity degree at American Military University.

By Susan Hoffman
Contributor, InCyberDefense

Insider threats are one of cybersecurity’s ongoing challenges. In today’s Bring Your Own Device (BYOD) age, employees are constantly connected to their offices through smartphones, tablet computers and laptops.

But what do you do when one of those employees decides to go rogue and turn on you, the employer? How do you protect your proprietary data from being hacked and sold on the dark web?

Insider Cybersecurity Breaches Can Be Highly Damaging

According to Shane Schick of SecurityIntelligence, “Insider threats account for nearly 75% of all security breach incidents.” In some cases, employees may cause a security breach through a simple human error. For example, an employee may accidentally click on an email link that leads to a site with malware or download a seemingly innocent program containing a Trojan horse virus onto an office computer.

But there have also been cases when employees with a grievance deliberately inflicted damage on their employers’ computer systems. Ryan Francis of CSO Online notes that various businesses have lost from $5,000 to $3 million in cybersecurity incidents caused by company insiders. Often, these employees were unhappy with management, wanted to make a statement, actively worked for a competitor or had recently been fired.

IBM Security has an online calculator for determining the cost of a data breach. This calculator determines risk factors by location, industry and cost factors.

Apart from the expense of fixing a cybersecurity breach, an insider breach results in negative publicity for the company. Company executives have to explain to customers and news sources how the breach happened. They must also describe what the company is doing to fix the breach to reassure customers.

How Can Insider Threats Be Detected?

Tripwire points out that insider threats can go undetected for years because it’s hard to distinguish harmful action from regular work. Any company is vulnerable, especially if funds or data are involved. The longer the breach goes undetected, the more damaging it becomes for the company.

But there are warning signs that an employee may become an insider threat, such as:

  • Sour acceptance of a poor performance appraisal
  • Disagreements with company policies, coworkers or managers
  • Unexplained financial gains or financial distress
  • Changes in working hours without authorization
  • Unusual overseas travel
  • Imminent departure from the company

Cybersecurity Reality: You Can’t Protect Everybody and Everything All the Time

It’s a reality of cybersecurity that you can’t protect every person and every device 24/7. Internal and external cybersecurity threats are constantly evolving, so regular education is a must for both IT security employees and everyone else within an organization.

This education may come from multiple sources such as conferences, internal training and webinars. Through more education and security monitoring, the risk of cybersecurity breaches from insiders can be reduced.