The insider threat can be driven by money or sympathy for a cause or simply lack of training
While some companies are finally waking up to the growing threat of cybercrime, few organizations comprehend that only securing their outer defenses against attack is not sufficient and that the insider threat may be the greater one.
The US Computing Technology Industry Association (CompTIA) has surveyed individuals from hundreds of companies with 52 per cent of respondents naming human error as the leading contributor to security breaches.
According to KCS’ own research, 80 per cent of cyber breaches can be traced to staff working behind the firewall. Insider threats are becoming increasingly more difficult to detect and prevent, as well as more frequent.
The wide adoption of cloud services and mobile technology in companies has transformed IT infrastructures considerably. With physical boundaries of corporate networks and digital assets not as clearly defined as they once used to be, the focus in fighting insider threats needs to shift toward protecting user accounts. “Now that the traditional security perimeter has been erased by mobile and cloud computing, identities have become both an attack vector and security perimeter,” says Tom Clare, VP of marketing at cybersecurity startup Gurucul.
“Good data hygiene is critical, but it is not enough,” says Stephan Jou, CTO at Interset. “A negligent employee is unlikely to change regardless of training, and a third-party attacker often can operate outside employee-focused processes. More importantly, the insider stealing for espionage is motivated to break rules.”
There is, however, evidence that companies in the US at least are gradually becoming aware of the part human error plays in the majority of cyber security breaches. According to CompTIA, 30 per cent of respondents cited “human error among general staff” as a serious concern and 26 per cent cited human error among staff” as a serious concern.
KCS’s extensive case files contain many examples of the various types of human error which have enabled major cyber breaches. In some cases, determined cyber criminals or even business rivals will infiltrate companies or bribe staff with access to the corporate IT system. Corporate cyber professionals would do well to put more emphasis on the insider threat.