Malicious Insiders Are a Very Real Threat
WEBINAR: Live Event Date: September 20, 2017 @ 1:00 p.m. ET / 10:00 a.m. PT
Designing a Proactive Approach to Information Security with Cyber Threat Hunting REGISTER >
In an era of clouds, mobility, the internet of things and shared data, it’s increasingly difficult to determine if a threat comes from within an organization.
Just when you thought cyber-security news couldn't get any worse, it does. Although organizations are now spending somewhere around $20 billion a year on tools and technologies to combat online crooks and various forms of attack, the problem grows worse by the day. What's more, even the most sophisticated security systems won't necessarily stop a malicious insider bent on destruction.
A new report from cloud-based security firm Mimecast offers some perspective on just how challenging the situation is and the difficulties associated with malicious insiders. Business Email Threat Report: Email Security Uncovered, found that 65 percent of IT security decision-makers globally believe their email security systems are inadequately equipped to handle cyber-threats. The survey spanned 600 global IT security professionals.
In addition, just over half (53 percent) of IT security decision-makers indicated that malicious insiders are a moderate to high threat to their organization, and one in seven view malicious insiders as their No. 1 threat. In fact, the study found that those who believe they are equipped to thwart malicious insiders aren't any more confident about their protection than those that aren't equipped.
At the heart of the problem: business and IT leaders skew heavily toward the legacy idea of protecting perimeters. Although this approach is still important, it's also somewhat of a distraction. In an era of clouds, APIs, mobility, the internet of things and shared data, clear boundaries are increasingly difficult to distinguish. What's more, someone with inside knowledge might share or use data to launch an attack that appears to come from outside. Or an employee might use a rogue application to spill data or invite a breach.
While there's no silver bullet, CIOs, CSOs and CISOs can take steps to mitigate the problem. The Mimecast report recommends that organizations assign role-based permissions to administrators in order to gain better access control; focus on data exfiltration control, including the ability to cut off a person's ability to send confidential data outside the network; offer training about appropriate and inappropriate use of systems; and nurture a culture of communication so that teams and employees watch out for each other and spot potential problems.
The report also notes that it's critical for senior executives to fully support and fund critical cyber-security measures, and communicate with employees to ensure maximum awareness.