Secure the perimeter! Man your battle stations! Prepare to repel boarders! Whatever moniker you use to call to attention the threat of outside attackers to your organization, is up to you. The point is it’s dangerous out there, and IT security professionals continue to fight the good fight every day. Protecting the virtual perimeter of your network has never been more important than it is today; but this article is not about threats from the outside. IT security professionals understand the necessity to secure the perimeter and have a plethora of tools available to do just that. Arguably, a greater challenge for IT security professionals is combating the threat from within.
What is an "insider threat"? Take a few minutes and type into Google “definition of insider threat”, go ahead, I’ll wait. What you have likely found is that there are thousands of results that define the term Insider Threat, most of them correct. To sum it up, an insider threat is everyone. You, me, Allen from accounting, we are all potential insider threats.
Yep. Everyone. Every person that can login to a computer on your network, is a potential threat. Insider threats can be defined in two broad categories: intentional and unintentional. What’s the difference? The difference between an intentional and an unintentional insider threat comes down to one thing: motivation.
Intentional malicious actors (also known as malicious insiders) are motivated to cause harm to your organization, that’s their purpose, their call to arms. Why would someone want to harm your organization? The reasons can be anything from a disgruntled employee to a financially motivated individual. In some cases, a combination of reasons, such as a disgruntled employee selling your proprietary data on the black market.
Unintentional insider threats are employees that cause harm essentially by accident. These individuals don’t mean to cause harm. Perhaps they clicked on a link in a phishing email, or changed a database entry by accident, whatever the situation, they are not motivated financially or otherwise to cause harm to your organization.
Combating the Threat
Combating insider threats can be extremely difficult. How do you defend your organization against insider threats? There are many controls that can be implemented to combat insider threats. What controls you put in place depends on the motivation of the threat.
Malicious insiders pose a particularly interesting problem, because in many cases, these are employees that you have trusted with your information. Implementing robust hiring processes, background checks and termination processes are a key component of addressing the threat of malicious insiders.
Unintentional insider threats require a slightly different approach. While good hiring practices and background checks should, of course, be utilized for all employees, these practices do not address the threat of unintentional insider. Training is the one of the best methods to address the unintentional insider threat. Train your employees to be mindful about clicking on links in emails, or divulging information over the phone to unknown individuals.
How can TechGuard Security help
At TechGuard Security, we can assist you with your organization’s battle with insider threats. Need to train your employees? We have a solution. Need to test employees on phishing? We can help there too. Contact us today to learn more about our services.