Blog

The age-old risk of insider threats is making headlines. Insider threats are threats that arise from access to vital company information, goods, and/or networks. Insider threats are not limited to employees but could also arise from contractors, partners and anyone else who has vital access to goods, data, or networks.

Consider some of the following true events:

• A disaffected system administrator destroyed manufacturing information (including backups) and ended up costing his company $10 million. As a result, 80 employees lost their jobs.
• A labor dispute led to sabotage of a city’s entire traffic light system (due to the fact that two employees had designed the system and still had access during the strike).
• A former Citigroup employee stole almost $750,000 from vulnerable customers like the elderly, those with Parkinson’s Disease and even her own family members.
• In recent years, the most famous story of an insider threat is Edward Snowden, a Government contractor who stole government secrets and threatened national security.

There are also plenty of cases where insiders have inadvertently put their company at risk due to phishing or social engineering.

Carnegie Mellon University’s CERT Division of the Software Engineering Institute (SEI) runs an Insider Threat Center. According to their Common Sense Guide to Mitigating Insider Threats, preventing insider threats is possible but challenging. It requires a multi-layered strategy involving policy and procedures, company culture as well as technical controls.

Collecting and analyzing over 700 case studies, CERT identified four types of malicious insider threats, including the following:

Share this post!

Facebook

Google

Twitter

Linkedin