The computer emergency response team (CERT) defines ‘Insider Threats‘ as:
The potential for an individual who has or had authorized access to an organization’s assets to use their access, either maliciously or unintentionally, to act in a way that could negatively affect the organization.
Insider threats can come in many forms, including individuals, organization’s assets, people, information, and technology. It can be difficult to detect insider threats authorized to access your network. It can be intentional or unintentional.
Threats can manifest anywhere so being prepared is critical. Detection and prevention should occur enterprise-wide, including HR, legal, and non-technical indicators. With automated behavioral tools, technical tools can help identify and mitigate insider threats, such as anomaly detection. It could also be as simple as observing behavioral-based anomaly detection (drug use, poor performance, absence, etc).
There is an Open Source Insider Threat (OSIT) Information Sharing Group that CERT runs if you are interested in learning more. This enterprise-wide issue for organizations is essential to a comprehensive cybersecurity program. A survey conducted by Hitachi ID, found 65 percent of 100 IT and security executives said they or their employees had been approached to assist in aiding ransomware attacks. Preparing and watching for the signs of insider threats is crucial to cyber resiliency for companies.
We are here to help. If you do not have these protections in place and need assistance preparing your organization against the growing amount of insider threats, please reach out to your broker now.
(Sources: insights.sei.cmu.edu, biscom.com, resources.sei.cmu.edu, cisa.gov, hitachi-id.com, insaonline.org, sei.cmu.edu)
Note: This communication is for informational purposes only. Although every reasonable effort is made to present current and accurate information, Taylor Oswald makes no guarantees of any kind and cannot be held liable for any outdated or incorrect information. View our communications policy.