The Insider Threat

Insider Threats: A Major Security Risk for Many Organizations

Let's Talk Insider Threat Management

Recognise and Remediate the Many Egos of Insider Threats

People are an organisation’s biggest asset, however, in some cases they can also pose the biggest threat. As organisations implement increasingly sophisticated physical and cyber security measures to protect their assets from external threats, the recruitment of insiders becomes a more attractive option for those attempting to gain access. Octree aims to help organisations reduce the risk of the insider threat by undertaking good personnel security practices.

An insider is defined as someone who exploits, or has the intention to exploit, their legitimate access to an organisation’s assets for unauthorised purposes. An insider could be a full time or part-time employee, a contractor or even a business partner. An insider could deliberately seek to join your organisation to conduct an insider act, or may be triggered to act at some point during their employment.

Employees may also inadvertently trigger security breaches through ignorance of rules, or deliberate non-compliance (due to pressure of work).

In a recent survey, “employees” topped the list of actors that companies are most concerned about exposing their organization to risk—both knowingly and unknowingly. Insider threats pose significant risks to businesses. Whether caused by carelessness or malicious intent, insider threats can be mitigated. To truly understand the risk of insider threats, one must first know the different forms that they can take.

They can be categorised as:

  • disgruntled employees,
  • corporate spies,
  • accidental exposures,
  • outgoing employees,
  • fraudsters

each of which has unique motivations and behaviour patterns.

Policy development and understanding, effective awareness training and the right technical controls are paramount, particularly in highly regulated sectors processing and storing sensitive or highly confidential data. These need to:

  • Reduce the risk of recruiting staff who are likely to present a security concern
  • Minimise the likelihood of existing employees becoming a security concern
  • Reduce the risk of insider activity, protect the organisation’s assets and, where necessary carry out investigations to resolve suspicions or provide evidence for disciplinary procedures
  • Implement security measures in a way that is proportionate to the risk, such as monitoring

 

 

 

 

To find out more about how we can resolve your IT issues please email or call us:

Send us an email Call us +44 (0)1462 416400
Latest News
Most British businesses have suffered a data breach in the past year, w...Read More
TfL want more details from the taxi-hailing firm before any future deci...Read More
When it comes to ransomware, it only takes one person to let the marauders ...Read More
Just because a malware outbreak has begun to fade away from the newspaper ...Read More

You need an account to download info please sign in or sign up

The above information will only be used to answer your query as you have detailed. We would really like to keep you informed with other information we feel is relevant to your business. If you’re happy to hear from us about other products and services then please select your preferences:

By checking one or more of these options and by submitting your email address, you acknowledge that you have read our Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive information from us, you can send us an email message using the Contact Us page, or click on Unsubscribe on any communication.