Cybernews
  • News
  • Editorial
  • Security
  • Privacy
    • What is a VPN?
    • What is malware?
    • How safe are password managers?
    • Are VPNs legal?
    • More resources
    • Strong password generator
    • Personal data leak checker
    • Antivirus software
    • Best VPN services
    • Password managers
    • Secure email providers
    • Best website builders
    • Best web hosting services
  • Follow
    • Twitter
    • Facebook
    • YouTube
    • Linkedin
    • Flipboard
    • Newsletter

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

Home » Security » What are insider threats and how can you protect against them?

What are insider threats and how can you protect against them?

by Chris Stokel-Walker
2 November 2020
in Security
0
Woman looking at computer screen with inscription Virus Detected

© Shutterstock

28
SHARES
The biggest risks sometimes come from inside your organisation.

Cybercrime is big business. Hackers and bad actors are always eager to find a way to gain access to information they shouldn’t, and end up putting that data onto platforms and places that enable them to make an income. Organisations and the criminals who are trying to target them are involved in a neverending cat and mouse game of trying to patch vulnerabilities before they’re found.

Defensive skills have been developed over years that are the match of the offensive attacks, but there’s one area that continues to lag behind the bad guys: people. 

Most cyberattacks and data breaches begin not with a brute force attack using carefully-considered computer code, but instead, with people doing something wrong.

Insider threats can be a costly issue for businesses. People doing something wrong within an organisation – whether accidentally or deliberately – can result in catastrophic losses. The potential losses from insider threats rose 31% between 2018 and 2020, to now cost $11.45 million.

What are insider threats?

Insider threats can take many forms. Some are casually minded workers who don’t take into consideration the potential pitfalls of mis-stepping digitally – the accidentally reckless workers. Others are employees with a grudge: feeling wronged by their bosses, they sometimes choose to try and leak information, or deliberately let bad actors in as a way of misguided revenge.

Others are inside agents: people who know full well what they’re doing, and have joined a company specifically to help prise open access to data that shouldn’t be available to criminals. Meanwhile, sometimes third party participants brought in to a company to work on a contractor basis can accidentally leak information or leave open doors to data.

The more accidental concerns around insider threats have become even more of an issue as the work from home revolution has taken over the planet. We’re no longer able to exist under the protective halo of company IT support, instead left to fend for ourselves in cyberspace.

Working from home comes with risks

When we’re in an office, we’re often encouraged to act responsibly by the sheer presence of our peers. We remember to double-check our passwords, and can ask a fellow worker to double-check the veracity of a link in an email before clicking it and falling victim to a spear phishing attack.

When we’re away from the office, that informal and formal support network disappears. In order to try and tackle the issues that can ensue, it’s important that employers try to replace some of that consideration by making their workers more aware of the potential risks they could fall foul of when they’re working at home. That of course doesn’t stop inside agents from wreaking havoc remotely. 

Likewise, another element of the work from home revolution makes it more possible for businesses to become victims of cyberattacks from insider threats. The more we work from home, the more we keep in touch via email – making it likely that reckless employees will carelessly click on links they shouldn’t.

In order to try and counter that risk, businesses can limit the amount of communication that takes place on email to the most essential. If workers are wading through endless numbers of emails, they’re less likely to spot the extraordinary or unusual messages that hide phishing campaigns. They’re also more likely to believe that any message is sent officially. Instead, trying to take communication off email and onto real-time video calls can help ensure there’s less likelihood of falling foul of bad actors. Overall, the way to tackle issues with insider threats is to communicate the risks involved, and to advise people of how to avoid them.

Share28TweetShareShare
Next Post
Young woman looking excitedly at cellphone and a line of white clothes hooked on a rack in the background

How to stay safe online during Black Friday and Cyber Monday sales

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's choice

One of the biggest Android VPNs hacked? Data of 21 million users from 3 Android VPNs put for sale online
Security

One of the biggest Android VPNs hacked? Data of 21 million users from 3 Android VPNs put for sale online

by CyberNews Team
26 February 2021
4

A user on a popular hacker forum is selling three databases that purportedly contain user credentials and device data stolen...

Read more
A blast from the past: the finest retro PCs people use

A blast from the past: the finest retro PCs people use

26 February 2021
How this IMDb flaw gave me credit for working on Chernobyl, GOT, and other gigs

How this IMDb flaw gave me credit for working on Chernobyl, GOT, and other gigs

25 February 2021
Forget Bruce Willis. AI will protect us from killer asteroids instead

Forget Bruce Willis. AI will protect us from killer asteroids instead

24 February 2021
COMb data leak - Mother of all breaches

COMB: largest breach of all time leaked online with 3.2 billion records

12 February 2021
  • Categories
    • News
    • Editorial
    • Security
    • Privacy
  • Reviews
    • Antivirus Software
    • Password Managers
    • Best VPN Services
    • Secure Email Providers
    • Website Builders
    • Best web hosting services
  • Tools
    • Password generator
    • Personal data leak checker
  • Engage
    • About Us
    • Send Us a Tip
    • Careers
  • Twitter
  • Facebook
  • YouTube
  • Linkedin
  • Flipboard
  • Newsletter
  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!