With attackers routinely stealing credentials and masquerading as legitimate users, the idea that everything on the inside of an organization’s network should be trusted has become antiquated.
A 2018 Insider Threat Report from Crowd Research Partners found that 90 percent of organizations feel vulnerable to insider attacks. Enabling risk factors to include too many users with excessive access privileges, an increasing number of devices with access to sensitive data, and the increasing complexity of IT. There are numerous labels out there for insiders whose behavior exposes us to data loss and brand damage; they boil down to three basic types:
From a defensive standpoint, it makes no difference if data loss stems from an external attacker with stolen credentials or an employee acting carelessly. Sensitive data needs to be protected, no matter who accesses it. What unifies these types as a significant threat is that they’re already inside your network. If you don’t protect your data by monitoring their activity and behavior you’ll be unable to respond to any threats they pose, and the results can be devastating.
What You Can Do
Find out how your organization can effectively address the threats posed by insiders, adopt a “never trust, always verify” approach to network security, and mature your overall cybersecurity capabilities in our latest articles: