{"id":54834,"date":"2023-03-27T13:23:19","date_gmt":"2023-03-27T13:23:19","guid":{"rendered":"https:\/\/sectona.com\/?p=54834"},"modified":"2023-03-27T13:32:22","modified_gmt":"2023-03-27T13:32:22","slug":"insider-threats-and-mitigation","status":"publish","type":"post","link":"https:\/\/sectona.com\/technology\/insider-threats-and-mitigation\/","title":{"rendered":"Cyber Security 101: Insider Threats and Mitigation"},"content":{"rendered":"\n
Insider threats refer to security breaches committed by employees with access to information about internal security practices, data, and systems. Data breaches, leaks of sensitive information, and tarnished reputations are a few consequences of insider threats. Insider threats have become a pressing issue in recent years. Targeted attacks by disgruntled employees and human error now add to sophisticated external cyber-attacks. <\/p>\n\n\n\n
Every year, many organisations fall victim to such attacks. In many cases, insiders do not realise they are involved in a potential breach. This stems from a lack of awareness of what to do and what not to do with an organisation\u2019s data and systems. <\/p>\n\n\n\n
For example, after obtaining a job offer from The Trade Desk, Yahoo research scientist Qian Sang\u202fstole<\/a> AdLearn product data in May 2022<\/a>. He downloaded 570,000 pages of Yahoo\u2019s IP to his devices, anticipating it would help him in his new position. After a few weeks, Yahoo realised this and issued Sang a cease-and-desist letter for stealing data and intellectual property of The Trade Desk. <\/p>\n\n\n\n An economic climate such as a recession often sets the stage for internal security threats, as laid-off employees may become more anxious and resentful. Also, companies tend to impose severe cost-cutting during this rough period and often pay less attention to cybersecurity. This is because cybersecurity is perceived as preventive and non-mandatory. This can lead to severe consequences and cyberattacks in the form of insider threats.\u202f <\/p>\n\n\n\n Before countering an insider attack, you should first look out for the Indicators of Attack (IoAs). There are two types of indicators – behavioural and digital. <\/p>\n\n\n\n Such indicators must be addressed, and immediate preventive action is necessary to investigate the root cause. Identifying these indicators as early as possible and following the best practices stipulated by experts to mitigate insider threats is essential. <\/p>\n\n\n\nWhat are the Types of Insider Threats in Cyber Security? <\/h2>\n\n\n\n
\n
The main objectives of malicious insiders are fraud, intellectual property theft, and sabotage. For financial or personal reasons, malicious insiders steal data or damage systems by abusing their position of trust.\u202f\u00a0
Malicious insiders are further categorised into\u202fCollaborators<\/strong>\u202fand\u202fLone Wolf.<\/strong>\u00a0<\/li>\n<\/ul>\n\n\n\n\n
Authorised users who knowingly aid external parties in damaging the organisation are considered collaborators. The other party might be anything from a rival business to a nation-state or a criminal organisation.\u202f\u00a0<\/li>\n<\/ul>\n\n\n\n\n
A malicious insider who operates alone and possesses privileged access to a company\u2019s sensitive servers, applications, or databases.\u202f\u00a0<\/li>\n<\/ul>\n\n\n\n\n
Although the intent of these insiders is not malicious, their negligence and failure to follow cyber security best practices can pose critical threats to an organisation\u2019s security posture.\u202f\u00a0<\/li>\n<\/ul>\n\n\n\nImportant Indicators of Attack (IoAs) for an Insider Attack\u00a0<\/strong><\/h3>\n\n\n\n
Behavioural<\/strong> Indicators<\/strong> <\/h3>\n\n\n\n
\n
Digital<\/strong> Indicators<\/strong> <\/h3>\n\n\n\n
\n
What are the Best Practices to Mitigate Insider Threats? <\/h2>\n\n\n\n
\n
\n
\n
\n
\n