TechGuard Blog

The Threat Within

Secure the perimeter! Man your battle stations! Prepare to repel boarders! Whatever moniker you use to call to attention the threat of outside attackers to your organization, is up to you. The point is it’s dangerous out there, and IT security professionals continue to fight the good fight every day. Protecting the virtual perimeter of your network has never been more important than it is today; but this article is not about threats from the outside. IT security professionals understand the necessity to secure the perimeter and have a plethora of tools available to do just that. Arguably, a greater challenge for IT security professionals is combating the threat from within.

Insider Threat

What is an "insider threat"? Take a few minutes and type into Google “definition of insider threat”, go ahead, I’ll wait. What you have likely found is that there are thousands of results that define the term Insider Threat, most of them correct. To sum it up, an insider threat is everyone. You, me, Allen from accounting, we are all potential insider threats.

Everyone? Really?

Yep. Everyone. Every person that can login to a computer on your network, is a potential threat. Insider threats can be defined in two broad categories: intentional and unintentional. What’s the difference? The difference between an intentional and an unintentional insider threat comes down to one thing: motivation.

Intentional malicious actors (also known as malicious insiders) are motivated to cause harm to your organization, that’s their purpose, their call to arms. Why would someone want to harm your organization? The reasons can be anything from a disgruntled employee to a financially motivated individual. In some cases, a combination of reasons, such as a disgruntled employee selling your proprietary data on the black market.

Unintentional insider threats are employees that cause harm essentially by accident. These individuals don’t mean to cause harm. Perhaps they clicked on a link in a phishing email, or changed a database entry by accident, whatever the situation, they are not motivated financially or otherwise to cause harm to your organization.

Combating the Threat

Combating insider threats can be extremely difficult. How do you defend your organization against insider threats? There are many controls that can be implemented to combat insider threats. What controls you put in place depends on the motivation of the threat.

Malicious insiders pose a particularly interesting problem, because in many cases, these are employees that you have trusted with your information. Implementing robust hiring processes, background checks and termination processes are a key component of addressing the threat of malicious insiders.

Unintentional insider threats require a slightly different approach. While good hiring practices and background checks should, of course, be utilized for all employees, these practices do not address the threat of unintentional insider. Training is the one of the best methods to address the unintentional insider threat. Train your employees to be mindful about clicking on links in emails, or divulging information over the phone to unknown individuals.

How can TechGuard Security help

At TechGuard Security, we can assist you with your organization’s battle with insider threats. Need to train your employees? We have a solution. Need to test employees on phishing? We can help there too. Contact us today to learn more about our services.

Check out our other blogs on Physical Security:

What is IT Security worth without Physical Security?                                Employees should Watch out for Tabnabbing

Your #1 Security Threat - Well-Intended Employees                                  Create a Top-Down Culture

USB Drops: Would your Employees Take the Bait?                                     Social Engineering Takes on Many Shapes

Top 5 Security Awareness Training Topics                                                    Insider Threats are Weakening Your Physical Security

Poisoning the Water Cooler                                                                               

Written by Nathan Rice

Nate has fifteen years of IT experience spanning a variety of domains with a focus in defensive security. Nate currently holds the following certifications: CEH, CompTia Security+ and CompTia A+. Prior to TechGuard Security, Nate was a Senior IT Security Engineer at a Fortune 100 organization. As a Security Engineer, Nate focused on new technology integration and implementation. Along with a variety of application administration roles in security operations, his past project work includes, Implementation of a DLP Program, Single Sign On Program and Multifactor Authentication. At TechGuard Security, Nate conducts audit control assessments, penetration tests, vulnerability assessments and social engineering exercises. Nate’s focus is on customer service and support, as well as providing customer solutions to complex IT security challenges. When not working or studying Nate enjoys being outdoors and spending time with his wife and kids.