The inside threat to your security
By Guy Eilon, Senior Director & General Manager, Forcepoint ANZ
Wednesday, 14 December, 2016
Employees are your most valuable resource… but they can also be your biggest security risk.
When data breaches make headlines, it’s often because the hacking is by nefarious organisations like Lizard Squad, or because it exposes sensational personal data as was the case in the Ashley Madison scandal. While these cases make a big splash in the media, the reality is that the majority of data breaches fly under the radar.
In the modern economy, being subject to a cyber attack is not only possible but probable. According to a global report by IBM, around 53 million security incidents took place last year alone. While the headlines would lead us to believe that these are due to sophisticated cybercrime from foreign adversaries, over 60% of these incidents were in fact the result of actions from companies’ biggest asset: their employees.
The rise of the insider threat
In Australia, the threat from inside an organisation is real and immediate. Research commissioned by Forcepoint this year revealed that over 90% of Australian enterprise and government organisations believe they have been a target of an internal data leakage — with only 6% categorically denying any exposure to a data breach. We often don’t hear about breaches like this, as companies are currently under no obligation to report them.
Employees are a company’s greatest asset, but also the main point of vulnerability as they are often targeted by external parties to gain access to the network. Human error, lack of training or negligence causes the greatest number of insider data breaches by volume, with 66% of survey respondents the target of an accidental insider threat, 39% exposed to a socially engineered insider threat and 32% exposed to a purposeful or malicious data leakage.
While negligent insiders are not malicious in nature, they can cause significant damage to an organisation. Typically this includes: unintentionally sending confidential data to the wrong recipients or intended recipients who should not be receiving the data in the first place; losing a laptop, mobile device or USB drive; and sharing too much information through social media channels. Other examples include accidentally deleting or modifying company records.
Businesses also need to be open to the possibility that there are disgruntled employees who intentionally leak data to an outside organisation. One of the most common intentional breaches comes from employees who take corporate data or intellectual property with them when they leave a company — in some cases to join a direct competitor.
High stakes
The stakes for businesses are high, with a Ponemon Institute/IBM survey finding the average cost of an Australian data breach was $2.82 million. Given data is likely to be an organisation’s most valuable asset, this figure is unsurprising. Over time, reliance on digital tools and mechanisms is only set to increase, so staying ahead of cyberthreats will continue to be of growing importance to Australian businesses.
This is particularly true with the massive uptake of online systems, which not only includes new technologies but also truly digital ways of living. With the advancement of digitisation in the way personal information is shared, networks built and contacts maintained, organisations are developing sophisticated online tools and platforms to support mobile employees. In fact, according to a recent survey by PwC, international assignment levels have increased 25% over the last decade and could see another 50% growth by 2020.
Which businesses are at risk? Every company that relies on digital infrastructure or IT networks in their day-to-day operations. In one way or another every company is a technology company, so all companies needs to be prepared when it comes to cybersecurity.
Implementing a security solution
As the threat and cost of data leakage grows, businesses need to take steps to put comprehensive security solutions in place. These solutions need to focus on data loss prevention through behavioural analytics to provide the best defence against the biggest risk — the insider threat. This approach integrates technology with an understanding of people and processes to mitigate a threat before it happens.
Monitoring tools can accelerate companies’ efforts to prevent data theft and loss from hijacked systems, rogue insiders, stolen credentials and negligent end users by enabling security professionals to see early warning signs of abnormal behaviours, capture a record of desktop activity and intervene before sensitive data is lost or stolen.
Ultimately an insider threat solution needs to connect the dots, capturing human behaviours arising from carelessness, lack of training or malicious intent that may be warning signs of an impending breach.
Weighing up the risks
In an increasingly competitive and digitalised world, businesses need to closely guard their confidential data and intellectual property. For many, success or failure can come down to the protection of these critical assets.
While business owners and security staff alike will need to weigh up the risks for their organisation, one thing is clear — without a comprehensive security solution in place that protects against the insider threat, it may only be a matter of time until those businesses have to face the financial and reputational repercussions.
The AI regulation debate in Australia: navigating risks and rewards
To remain competitive in the world economy, Australia needs to find a way to safely use AI systems.
Strategies for navigating Java vulnerabilities
Java remains a robust and widely adopted platform for enterprise applications, but staying ahead...
Not all cyber risk is created equal
The key to mitigating cyber exposure lies in preventing breaches before they happen.