10 Ways to Prevent and Mitigate Cyber Security Insider Threats
- Christopher Dale, Content Marketing Manager, ThriveDX's Enterprise Division
In a world where 97 percent of cyberattacks depend on employees, it has never been more important for organizations to prevent and mitigate insider security threats. In 2021 the FBI’s Internet Crime Complaint Center (IC3) fielded 847,376 reported complaints with potential losses exceeding $6.9 billion – a seven percent increase from 2020. A comparatively small but expensive part of this are the 19,954 Business Email Compromise (BEC)/ Email Account Compromise (EAC) complaints with adjusted losses at nearly $2.4 billion. BEC/EAC are sophisticated cyberthreats targeting primarily businesses usually resulting in transferring money to malicious actors.
First of all, threat actors typically employ credential theft to gain access to an employee’s email account. Once they are able to impersonate said employee, they’ll embark on asking different people to send money or other sensitive data to a lookalike domain or even the emailer himself.
When hiring an employee, you implicitly trust them to do what’s in the best interest of the company. The vast majority of new hires do just that. But that still leaves a significant number actively sabotaging the very company where they work. It is important to implement a system to prevent insider threats in your company or organization. The fact is insider threats can wind up costing companies millions of dollars in unauthorized transfers, lost business, and decreased uptime.
Training up employees is no longer optional – it’s mandatory to stay in business.
Insider Threat Statistics
Insider threats increased 47% between 2018 and 2020. Additionally, up to 57% of organizations believe that insider incidents have become much more frequent in the past year. When it comes to who is responsible for these threats, the following breakdown is available:
- Negligent insiders account for 62% of incidents
- Negligent insiders using stolen credentials account for 25% of incidents
- Malicious insiders account for 14% of incidents
Why Are Insider Threats So Dangerous for Organizations?
Insider threats are particularly insidious because they’re coming from the home team, usually those with privileged access to sensitive data. This person takes actions that impact and damage a company in many ways. The actions may be caused by negligence, laziness, or malice. Since the insider has legitimate access to business information, they have the ability to cause significant harm before a threat is even detected. In other words, the impact is typically more significant than those arising from external threats. Organizations must make preventing and mitigating insider security threats a top priority.
Technological Advances Impact the Insider Threat
Technology advances have given threat actors additional avenues to conduct their malicious behavior. Because of this, companies are even more at risk than they were in the past.
How Companies Can Detect and Prevent Insider Threats
Most companies want to trust their employees. Unfortunately, this isn’t always a smart move. In many cases, it is those who you trust the most who betray you. Because of this, it is important to have steps in place to detect and prevent insider threats. Some ways you can do this include:
1. Implement a Security Policy
When it comes to security threats, prevention is key. Don’t let it come down to a human being making human decisions. Avoid it altogether in the first place. Make sure you have a detailed and comprehensive security policy in place to help prevent and detect any misuse. It’s also necessary to include up-front guidelines on conducting investigations.
2. Physical Security
Another step you can take when preventing insider theft is keeping employees away from the most critical infrastructure for your business. Ensure that employees have somewhere to safeguard sensitive information and isolate the higher-value systems in place. It’s also wise to use biometric authentication or at the very least a two-factor verification system for accessing sensitive information.
3. Carefully Screen New Hires
Background checks are imperative when hiring someone new. While some view these as too expensive, they may help save your company quite a bit of stress, hassle, and money down the road. A background check ensures you know everything you can about a new hire before onboarding them. This will help prevent and mitigate insider security threats by reducing the risk they become a threat in the first place.
4. Use Multifactor Authentication
Some of your employees use weak passwords to access data. Today, password-cracking technology has become more advanced, meaning it’s easier for others to gain access to your company network via a careless employee. Employing two-factor (2FA) or multi-factor authentication (MFA) helps prevent this. It’s worth noting that between token and texting MFA, token provides much better security.
5. Train, Train Train
97 percent of today’s cyberattacks require human intervention to execute. At work that typically means your employees must understand what phishing, credential compromise and ransomware even looks like. Security Awareness Training, or SAT, is the fastest way to get them into compliance. Make sure your SAT includes ongoing testing and a way to integrate with your current Learning Management System (LMS) to ensure there be an enforcement mechanism. After all, just because your employee opened the training doesn’t mean they’re paying attention…right?
6. Segment LANs
It’s challenging to find all the choke points in LANs. Rather than trying to do this, segment LANs using firewalls. This is going to create a zone of trust at the points where every LAN connects with the main corporate LAN.
7. Seal Any Information Leaks
Information may leak out of your company in several ways. Make sure you outline what can and can and cannot be shared in the information security policy you create. It’s also possible to use software that scans your policy to let you know when violations occur.
8. Investigate Unusual Activities
Sometimes when an employee betrays a company’s trust, they think they believe they’re flying under the radar, as most attention is usually focused outward on external threats. Yet if your MDR software flags anything abnormal make sure to investigate the situation right away.
9. Implement the Right Strategies and Tools
Just because 97 percent of all data breaches require employee intervention, it’s not an excuse to avoid using traditional perimeter defenses. Make sure you’re using firewalls, web and email servers and everything else perimeter related. Perhaps most crucially, keep all of your network software updated and patched.
10. Monitor Irregularities
Make sure you utilize managed detection and response (MDR) tools that monitor your network traffic. Make sure you position security cameras at crucial access points and give thought to installing additional monitoring software for at-risk or suspicious employees. When it comes to your company’s private information, there’s no such thing as being too careful.
Don’t be a Victim – Mitigate Insider Threats Today
As you can see, there are several steps you can take to help your organizations prevent and mitigate insider security threats. If you don’t have safeguards in place right now, don’t wait too long. While you may trust your employees, trust breaches happen all the time. If it does happen it can cost your business in significant ways. The above tips will help prevent, detect, and mitigate dangerous and potentially bankrupting insider threats.
Christopher Dale is the content marketing manager for ThriveDX’s Enterprise Division. He has worked in the cybersecurity field for almost 14 years in PR, social media and content development roles for a range of companies including ESET, Forcepoint, Cylance (Blackberry) and Proofpoint. He holds Bachelor of Arts degrees in Political Science and Rhetoric & Communication from the University of California, Davis.
Protect Your Organization from Phishing
Explore More Resources
- Article, News
- Article, News
- Article, News
- Article, Blog
Your Trusted Source for Cyber Education
Sign up for ThriveDX's quarterly newsletter to receive information on the latest cybersecurity trends, expert takes, security news, and free resources.
