Insider Threats are Rarely Malicious, But Always Costly


When it comes to insider threats, who should you be more concerned about — the negligent employee or the malicious one?

While malicious employees are the most publicized type of insider threat, employees who unintentionally put your company at risk are a far greater concern. These “mistake-makers” are the ones who fall for email phishing schemes and inadvertently provide system access to hackers; unwittingly misuse or expose sensitive information through carelessness or lack of security awareness training; or accidentally delete or modify critical information.

The Ponemon Institute’s 2018 Global Cost of Insider Threats Study found that negligent employees caused three times more security incidents than malicious ones (64 percent versus 23 percent), and cost their companies an average of $283,281 per incident. The average annualized cost for employee negligence is $3.81 million, while criminal or malicious employees cost companies $2.99 million. Additionally, the study found it takes more than two months—73 days—to contain insider incidents.

The sad truth is your “insider” isn’t always an employee. Any contractor, supplier, or trusted business partner who has authorized yet uncontrolled access to systems and/or sensitive information has the opportunity to do irrevocable harm to a company.

So how do you protect your company?

Five Easy Steps to Safeguard Your Company

To counter the threats posed by insiders, Revolutionary Security suggests CISOs take the following actions:

  1. Hire Wisely
    The first step to prevent insider threats starts with your company’s hiring practices. You and your HR department need to thoroughly vet prospective employees. Conduct thorough background checks that include criminal and civil litigation history, as well as reference checks on employee’s behavior in past roles.
  2. Improve Your Security Awareness Training
    Another key step to preventing insider threats is a properly trained workforce. A Ponemon study of anti-phishing training programs found that a typical program produced a 37-fold return on investment. Proper training should also teach employees how to recognize uncharacteristic behavior among their fellow employees—behavior that may be indicative of an insider threat—and know how, and to whom, to report their concerns.
  3. Establish and/or Update Your Company’s Policies
    Implement or update internal policies on responsible sharing and safeguarding of your company’s intellectual property and other critical assets. Policies should also establish procedures for use of personal devices, traveling with laptops, accessing third-party email systems, and for how to handle suspected or known incidents.
  4. Control and Restrict Data Access
    Every enterprise needs to protect its intellectual property, trade secrets, and customer information. This starts with controlling what information people in your company have access to. Additional protection can be gained by restricting access to third-party email and cloud storage sites, blocking thumb drives from being used on computers, and restricting computers from installing unauthorized software. Use of an enterprise mobility management solution can secure and manage employees’ mobile devices and apps and control their data access. You can also harden employees’ defenses by providing a cloud-based security solution to protect their online activities when they’re most vulnerable, such as working remotely.
  5. Monitor Network Activity and Data Usage
    Organizations can improve their defenses against insider threats by monitoring employee behavior and the flow of data on their networks. User behavior analytics programs can monitor an employee’s activity and data access and assess risk levels. Using a behavior analytics program can provide the highest incremental cost savings of all the risk-reducing tools.
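As an added example, not code from the article or from Revolutionary Security, here is the kind of per-user baseline check a behavior analytics tool in step 5 performs, run over constructed access log lines, with the step 4 restriction on thumb drives and personal cloud storage folded in as a destination allow-list. The log format, user names, thresholds and the "internal" destination label are all assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Assumed log format: "YYYY-MM-DD user ACTION destination"; thresholds are assumptions too.
ALLOWED_DESTINATIONS = {"internal"}  # step 4: thumb drives and personal cloud are off-limits
MIN_BASELINE_DAYS = 3                # days of a user's own history needed before alerting
SIGMA_THRESHOLD = 3.0                # how far above the user's norm counts as anomalous
MIN_EXCESS = 5                       # floor so a near-zero std dev cannot fire on +1

def parse_line(line):
    date, user, action, dest = line.split()
    return date, user, action, dest

def daily_counts(lines):
    counts = defaultdict(lambda: defaultdict(int))  # user -> date -> events that day
    for date, user, _, _ in map(parse_line, lines):
        counts[user][date] += 1
    return counts

def volume_anomalies(lines):
    """(user, date, count, baseline_mean) for days far above that user's earlier days."""
    alerts = []
    for user, per_day in daily_counts(lines).items():
        history = []
        for date in sorted(per_day):
            count = per_day[date]
            if len(history) >= MIN_BASELINE_DAYS:
                mu, sigma = mean(history), pstdev(history)
                if count > mu + max(SIGMA_THRESHOLD * sigma, MIN_EXCESS):
                    alerts.append((user, date, count, round(mu, 1)))
                    continue  # keep the spike out of the baseline it just violated
            history.append(count)
    return alerts

def policy_violations(lines):
    """(user, date, destination) for every transfer outside the allow-list."""
    return [(u, d, dest) for d, u, _, dest in map(parse_line, lines)
            if dest not in ALLOWED_DESTINATIONS]

# Constructed sample activity: (date, user, action, destination, repeat count)
SAMPLE_SPEC = [
    ("2018-03-01", "alice", "READ", "internal", 3),
    ("2018-03-02", "alice", "READ", "internal", 2),
    ("2018-03-03", "alice", "READ", "internal", 3),
    ("2018-03-04", "alice", "READ", "internal", 2),
    ("2018-03-05", "alice", "READ", "internal", 12),  # bulk pull, far above her norm
    ("2018-03-01", "bob", "READ", "internal", 2),
    ("2018-03-02", "bob", "COPY", "usb", 1),  # thumb-drive copy, blocked by policy
]
SAMPLE_LOG = [f"{d} {u} {a} {dest}" for d, u, a, dest, n in SAMPLE_SPEC for _ in range(n)]
```

Calling `volume_anomalies(SAMPLE_LOG)` flags only alice's fifth day, and `policy_violations(SAMPLE_LOG)` flags bob's USB copy; a real deployment would feed both into the incident procedure from step 3 rather than act on them automatically.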

Regardless of your industry or company size, data leaks, whether intentional or not, are a very real and costly problem. By implementing and enforcing these five proactive measures, you can dramatically reduce the threat of sensitive information being shared, lost, or stolen.
