Among the problems stemming from our systematic failure with cybersecurity, which ranges from decades-old software-development practices to Chinese and Russian cyber-attacks, one problem gets far less attention than it should – the insider threat.

“Insiders are the biggest threat to any organization,” said Richard C. Schmitt, vice president of security services at Coalfire Systems Inc., a Chicago-based firm that specializes in detecting and preventing data breaches.

The insider threat is one of the most serious – but least discussed – aspects of cybersecurity and has long been a concern of organizations ranging from government agencies to banks. As organizations grow more dependent on computers and other technologies, many rely on employees to secure those systems, identify vulnerabilities and report network intrusions.

In 2014, Microsoft President Brad Smith wrote a paper for the Atlantic Council, a Washington-based think tank, arguing the problem of insider threats is “much wider than the technical vulnerabilities that hackers seek to exploit.”

“It also includes employees who have access to data and computer systems, but are not actively seeking to attack them,” said Smith. “Many employees with security-cleared access to corporate networks and computers use their work email for personal correspondence or bank transfers, inadvertently enabling them to steal financial information or personal documents.”

Despite the potential severity of the threat, little is known about how many insiders pose danger within organizations. The National Security Agency has estimated that as many as one in four employees may pose an insider threat. Few organizations, though, have figures that are much more specific than that or know – with any certainty – which of their employees poses a risk.

The concern over the insider threat was underscored last year when Eugene Kaspersky, chief executive officer of Moscow-based antivirus company Kaspersky Lab, said the Sony Pictures hack attack in November 2014 was carried out by people who had worked for the company. Later reports indicated that U.S. officials had concluded that hackers working on behalf of North Korea were responsible for attacking Sony Pictures Entertainment.
The sheer number of insiders is also a major problem. Companies often have thousands of employees with legitimate access to sensitive data, often resulting from mergers and acquisitions. The challenge is how to ensure all those employees are trustworthy.

In addition, many organizations have contractors with access similar to full-time employees, as well as temporary workers who don’t get security clearance. This creates another challenge in that organizations must ensure those who do not work for them – but who have access to their networks and computers – can’t use that information in a malicious way.

A growing number of companies are addressing the insider threat issue by creating insider threat programs that identify potential problems and manage the risk posed by insiders. One of the best known is the Department of Defense’s (DoD) Insider Threat Program, which was created in 2007 to identify and address the issue.

In conclusion, the insider threat is a growing problem that poses one of the biggest cybersecurity threats to organizations. It’s a subject that we all need to pay close attention to in the coming years.

Interested in reading more about insider threats? What’s the Average Cost of Insider Threats? discusses how much an insider threat costs a business.

Liquid Video Technologies Logo, zero trust, Security, Video Surveillance, Greenville South Carolina, cybersecurity, insider threat

If you would like liquidvideotechnologies.com to discuss developing your Home Security System, Networking, Access ControlFire, IT consultant, or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com.