3 Types of Insider Threats to Look Out For
July 8, 2019

Most organizations may see hackers as their biggest threat but security threats can happen from inside their company as well. According to Verizon, 57% of database breaches involved insider threats within an organization. 

Insider threats can occur in various ways and are not always intentionally malicious. For example, an employee who has their credentials leaked can inadvertently become an insider threat if a hacker compromises their account to steal data. In this case the employee may seem like they are a bad actor when in reality their account is being controlled by a malicious actor. 

Understanding the different types of insider threats can help organizations ensure they have effective measures in place to prevent insider threats from harming their company. 

insider threat

Source: Verizon

What Is An Insider Threat?

An insider threat is someone who has authorized access to an organization and misuses that access and puts an organization’s security and data at risk. They can be former or current employees, stakeholders, partners or someone who frequently access your organization’s premises.

Insider threats are serious because they know their way around an organization. They will most likely have access to or know how to gain access to important data. Since they have authorized access, they can be hard to detect or determine if they are using their access maliciously.

A well-known example of an insider threat is the whistleblower Edward Snowden. Snowden famously leaked highly classified information from the NSA, where he used to work.

3 Types of Insider Threats

Unintentional Leak

Employees accidentally leaking information or putting data at risk end up acting as an insider threat. This type of insider threat doesn’t have malicious intentions but may use poor cybersecurity habits that end up threatening an organization’s security.  According to research by SolarWinds, more than 50% of organizations reported that employees pose the biggest risk for insider abuse or misuse.

The best way to combat employee error is to have a good cybersecurity culture. Cyber awareness through cybersecurity training can help users avoid common mistakes, such as clicking on a phishing link, that put organizations at risk.

Malicious Intentions

This type of insider threat wants to use their access maliciously for their own desires. They may be a disgruntled employee looking to cause havoc on their former employer or an employee trying to use their access for financial or personal gain. Research from Accenture found that nearly one in five healthcare employees said they would sell confidential information like login credentials to unauthorized parties.

Of course, organizations are unable to read the minds of their employees let alone know their intentions. In order to combat this type of threat, using advanced technology like a SIEM can help detect suspicious behaviour, such as employees accessing unusual data or systems or if your network is communicating with a malicious server. Organizations should also disable the accounts/access of recently departed employees as soon as possible.

Insider Accomplice(s) 

This threat occurs when the person colludes with other employees or with external parties to steal information.

An example of this type of insider threat would be the the incident with the “Wolf of Manchester.” In 2015 an insurance worker partnered with a former employee to steal customer data and used that information to commit fraud. The pair made £18,250 (approximately $30,000 CAD) by using the stolen data. 

To mitigate this kind of insider threat, it’s important that you are protecting your critical assets with privileged access management and monitoring. Limiting access to important data to only those who need it will help you keep track of who has access to the data. Monitoring your networks for suspicious behaviour can help detect fraudulent activity or abuse of access.

You May Also Like…

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Solutions to Grow Your Business

We've got you covered with our comprehensive portfolio of solutions.

Cybersecurity Solutions

Cyber Incident ​Response
Endpoint Detection and Response (EDR)
Extended Detection and Response (XDR)
Firewall Security
Mail Security
Penetration Testing Services
Security Baseline Assessment
User Defence
Vulnerability Detection Response (VDR)
Wi-Fi Security

Backup & Recovery Solutions

Hybrid Backup
Enterprise Backup
Mail Archiving

Helpdesk & Field Services Solutions

Monitoring and Management Solutions

Professional Services & Consulting Solutions

Public and Private Cloud Solutions

Azure Management and Monitoring
Microsoft 365 Administration
Private Cloud
Microsoft CSP

Your partner in digital transformation

Helping the next generation of MSP and IT solution providers transform and grow.

businessmans handshake

Types of Partners

Managed Services Provider (MSP)

Internet Service Provider (ISP)

Value Added Reseller (VAR)

businessmans handshake

Partnership Overview

Jolera’s partner program offers flexibility to engage with us on your terms. We have spent more than two decades building award-winning best in class partner enablement and turnkey end-customer solutions for you.
progress

Partner Program

Jolera has three partner programs to choose from: Select, Preferred and Premier.

Learn about us and the legacy we have created

At Jolera, we treat each MSP partner with specialized care. With more than 20 years of IT experience, we offer the latest technology to navigate cloud, security, endpoint, and storage needs.

vintage pocket watch vintage background concept

About Us

Jolera is widely recognized as a global managed services leader. We started as managed services provider over 20 years ago and have been at the forefront of managed services innovation ever since.

progress

Our People

As a service provider our main goal is to make the customer happy. For that final goal, we need passionate and happy people working with us – Our People Are Our Biggest Asset.

progress

Our Leaders

We are performance driven at the core - tying together best of breed technology and industry leading expertise with pragmatic processes built to deliver outcomes.

Meet Our Leaders!