No matter how protective an organization is of its perimeter, it can never be entirely secure. Unhappy and mistreated employees can become insider threats, Lisa Forte, co-founder of Red Goat Cyber Security, told during (ISC)² Security Congress 2021.
During her keynote speech, Forte addressed insider threats that, according to her, got harder to identify.
Technology makes it easier to steal data, and bad actors can manipulate insiders into becoming unwitting spies. But in some cases, insiders are even willing to collaborate with the threat actors, especially if they feel mistreated by their employer.
“When people don’t feel happy, when people don’t feel content, they don’t have that individual investment in the company, or in the city, or in the country to which they belong. People will accept some pretty Draconian measures, and they are quite happy to put up with that and keep the secrets, as long as they feel valued and they feel they got a good deal,” Forte said.
The message to employers is pretty straightforward - make sure your employees are happy and valued. That will discourage them from becoming willing insiders. The threat, Forte noted, is even more significant now, with so many people working from home.
While poorly on information security trained employees can unintentionally help malicious hackers, businesses need to be wary of the malicious insider threat: a disgruntled employee or someone bearing a grudge that can be tempted with the lure of money and getting back at their workers.
Last year, a survey by Atlas VPN revealed that 65% of organizations suffered from one or more insider attacks over 12 months.
Nearly half (49%) of surveyed leaders said that fixing the issues raised as the result of an insider attack cost less than $100,000. However, 30% of respondents said monetary damages caused by a single incident could be anywhere between $100,000 and $500,000 to fix.
More from CyberNews:
Subscribe to our newsletter