Insider threats cost companies millions. According to the Ponemon Institute’s recently released study 2020 Cost of Internal Threats, in the last two years, we have seen a 31% increase in threats emerging from inside an organization. Costs range from $756K to $871K per incident, depending on the type of breach.
There are three types of Insider Threats:
- Careless, Negligent Employee or Contractor– These are well-intentioned employees or other users who accidentally harm the enterprise. These incidents happen all the time, but a lot of people don’t think about this threat. Employees constantly make mistakes that put company data at risk — whether that’s because they’re careless, taking shortcuts, or simply uneducated in security. These mistakes add to the challenges faced by IT Teams daily. Ransomware, for example, is often put on a computer because of an employee’s careless browsing or download habits. Phishing attacks are another great example.
- Malicious Insider – This is the disgruntled employee who sabotages company data as revenge. This could be the employee who steals proprietary data to take to their new firm or the customer service rep who copies credit card data to sell online or the sales rep sharing competitive information. It’s anyone who intentionally harms their employer, whether for revenge, personal gain, or any other reason. These guys know exactly what they’re doing.
- Credential Thief – These are outside hackers who steal credentials to gain inside access to your system. Once an outsider gains access to your system, they are effectively acting as an insider. The methods that you need to detect and stop them are the same as any other rogue employee. While many don’t think about these guys as insider threats, they’re a huge danger operating from within your environment, so they are very much an insider threat. These guys damage brand reputation and generally wreak havoc, often looking for personal financial gain.
Of note, the negligent insider has been identified as the root cause of most incidents (with average costs of $756K), while the malicious insider risk is the most costly (with average costs of $871K). And the longer it takes to identify the breach, the costlier it gets. With the average incident taking 77 days to contact, this adds up to a costly amount!
The data shows that most organizations need to be more vigilant about insider threat incidents, which often fly under the radar until it’s too late. Many organizations believe that they can address insider threats with their existing, externally focused security solutions, when a dedicated insider threat management strategy may be a better overall approach. Here are a few tips Clare Computer Solutions recommends:
- Implement an Endpoint security solution backed by a Secure Operations Center that can quickly identify insider threats and provide immediate support.
- Limit access to non-essential data or limit the duration of time users can access the information needed for a task.
- Use AI solutions to Identify behavioral indicators of potentially malicious insider threats.
- Periodically evaluate the organization’s risks through dark web monitoring for credential leaks.
- Establish consistent, repeatable processes that educate all employees through Security Awareness Training.
- Begin considering the impact an insider threat could have on reputation and brand, in addition to the financial costs