Who Is An Insider And Why It matters To You?

Uncategorized Sep 11, 2019

Who Is An Insider?
And Why It matters To
You!

Ask most businesses to name their biggest security threats to their organisation and they will probably reel off a list of external sources such as hackers, malware, ransomware, social engineering, phishing, denial of services attacks and lots more.

Yet, most often than not, the greatest risk to any organisations comes from within. The disgruntled employee, the rogue user, the financially motivated member or even the unintentional person that accidentally disclosed sensitive information can have a severe impact on the organisation.

Insider threats are an intriguing and complex problem. Some assert that insider threats are considered the most difficult problem to deal with because the “insider” has information, knowledge, capabilities and trust to easily evade organisation security policies, procedures and other controls.

The important thing to remember is that all insider incidents are not alike. They are unique to each organisation. However, there are some distinct similarities and common properties for all individuals.

Who is an Insider?

  • An insider is anyone – an employee, a past employee, a contractor, a vendor, a partner, even a family member that has or had access to organisations assets;
  • An insider is someone that is either fully or partially trusted;
  • An insider is someone who was or is a system user;
  • An insider is someone who has or had certain privileges;
  • An insider is someone that has some degree to access specific assets (degree of “insiderness”)
  • An insider is someone who has knowledge, skills and capabilities;
  • An insider is someone that has motivation and intent to act to achieve their goals;
  • An insider is someone that has a reasonable understanding of the organisation underlying information technology platforms;
  • An insider is someone who has control over some of the assets that they associate with;
  • An insider is someone who possesses the power to act as an agent of the organisation;

The Threat

According to the Insider Threat Division of CERT, an Insider that harms the organisation whether it be intentionally or unintentionally has the following characteristics:

  • Has or had authorised access to an organisation network, systems or data; and
    • (Malicious) Intentionally exceeded or misused that access in a manner that

OR

  • (Unintentional) through their action/inactions without malicious intent that
  • Negatively affected the confidentiality, integrity and availability of the organisation asset

Why is it that important for you?

The impact of an insider incident can be multi-faceted – Financial loss, operational disruptions, reputational harm, loss of confidential/proprietary information, loss of customers, loss of employee morale, loss of clients, long term impacts on the organisation culture and potentially life and company threatening.

Any motivation or an innocent act can, therefore, have a devastating effect on the organisation.

What is the ultimate objective of the insider threat mitigation program?

The goal of the insider threat mitigation program is to avoid catastrophic consequences regardless of motivation.

What Can You Do Moving Forwards?

Insiders will act unexpectedly and it is something that you are unable to control.  Every person within the organisation is unique in their beliefs, values, goals, their thinking and their associated disposition.

The unpredictable of human behaviour has its implications on organization trust. Think about it this way – most people are not entirely logical or consistent in their behaviour. And as a result, strong security posture isn’t achieved by deploying the typical technology controls.

Be aware that security is context-dependent. Motivation and intent are clearly important in defining insiders. While intent (the purpose of actions) is at least partially observable, motivation (the stimulation to act) is not.

Developing effective strategies to mitigate insider threats requires a two-prong approach

  1. Security controls and policies that are able to prevent, detect, deter, disrupt and respond to insider threats.
  2. Employee engagement programs so that insiders are “shaped” to act in the best interest of the organisation.

How Can We Help You?

Interested in identifying strategies in how your organisation can increase its effectiveness ability to prevent, detect, deter, disrupt and respond to insider threats then get in touch with Naked Insider or contact us +61 2 6282 5554 or feel free to fill out the form of the Naked Insider website: https://www.nakedinsider.com/contact-us

In addition, download Naked Isnider insider threat book (free) “Protecting Your Business From Insider Threats In 7 Effective Steps

Take The Challenge

How resilient is your business from insider threat harm? Would you be interested in finding out how you compare to your industry peers? Would you be surprised to know that most organisations that have taken this assessment are somewhat vulnerable? To find out more, https://www.nakedinsider.com/contact-us

Contact Us

For more information, you can also send them an email at:  [email protected] Or give us a call at: +61 26282-5554.

Close

50% Complete

Two Step

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.