Cyber threats can come from anywhere. For organizations facing an onslaught of external attacks, it’s easy to forget that fact. However, insider threats have fast become an equally serious concern for modern businesses; research from Gurucul revealed that 74% of organizations felt insider attacks have become more frequent – up 6% from the previous year.
Organizations must recognize that a security program is only complete with effective insider threat mitigation protocols. It’s no use armoring your back if you leave your soft underbelly exposed. This article will outline some best practices for mitigating insider threats.
Defining Insider Threats
Organizations need a working understanding of what insider threats are before they can mitigate them. An insider threat is anyone using their current or former access to or knowledge of an organization’s resources, including personnel, facilities, information, equipment, networks, and systems, to harm the organization.
According to the Cybersecurity and Infrastructure Security Agency (CISA), there are two primary types of insider threats:
- Unintentional Threat – Unintentional insiders include individuals who expose an organization to threats through negligence or accident.
  - Negligent insiders are generally familiar with security protocols but choose to ignore them.
  - Accidental insiders mistakenly cause an unintended risk to an organization, such as by clicking on a phishing link.
- Intentional Threat – Often referred to as “malicious insiders,” intentional threats are individuals who deliberately expose an organization to harm for personal gain or to exact revenge. ....