Partner Content: One step ahead: The importance of a proactive approach to insider threats

clock • 3 min read
Partner Content: One step ahead: The importance of a proactive approach to insider threats

When it comes to cyber security threats, organisations cannot afford to take a reactive approach and merely respond to issues after they have occurred.

This is especially true of insider threats - that is, threats posed by individuals from within an organisation, such as current or former employees.

With malicious insider incidents averaging costs of almost $650,000 and negligent users giving rise to $484,000 losses, while taking an average of 85 days to contain, the damage to reputation, productivity and security may be difficult to recover from.  

Data loss and breaches can often be traced back to an individual's actions, whether that is a malicious attacker, a disgruntled employee or a careless user.

Computing research conducted in 2022 found that insider threats are a top three risk for one in five organisations. This is unsurprising, given the widespread shift to remote working and rapid digital transformation in 2020. That unintentionally set the stage for insider threats, both malicious and accidental, to expand.

Greater use of the cloud, as well as employees using personal devices at home and on an array of networks, has meant that systems, tools and applications are increasingly vulnerable.

Ensuring your organisation is protected requires a proactive approach comprising both technical and non-technical emphasis.  

The risk signs

"Problem in chair, not in computer" (PICNIC) is a term used to convey that security breaches are often the result of human error or intent - ill or otherwise. If employees do not receive effective training that stresses the importance of cyber vigilance, they may inadvertently cut corners.

Unaware of the risks they face, users will break security policies to reduce friction in their day-to-day workloads. Forgetting to regularly update and patch their devices, misplacing devices, or sending confidential data to unsecured locations are all problems that can arise because of poor cyber hygiene.

Employees are more likely to respond to ongoing education and support rather than targeted coaching after making a mistake. Encouraging your workforce to continually learn and improve on how they interact with data will ensure your entire organisation is one step ahead of vulnerabilities.

The importance of real-time monitoring

As well as careless users, malicious insiders pose a real threat to organisations and their data. No amount of training can prevent malicious intent. However, holistic visibility and monitoring can prevent this intent from wreaking real damage.

Departing employees must have their access completely withdrawn and IT teams must have full visibility of how data is being moved across cloud, email, endpoints, and the web. Automation has a role to play here too, accelerating incident identification and response time in a way that is easily visualised.

Amidst economic downturn and widespread layoffs, employee numbers are fluctuating. This means it is all the more important to keep track of access rights, revoke access when immediately necessary, and ensure verification and authentication methods are in place. Organisations that promote the collaboration between security and other teams like HR and Legal to achieve this approach will be better positioned to confidently combat the risks associated with insider threats.

Staying one step ahead

The monetary costs of data loss from insider threats are direct and straightforward to comprehend. However, the indirect costs from disruption and the potential loss of opportunities for your organisation can stealthily creep up.

Creating a culture of cyber vigilance, training employees on best practice and investing in technologies that promote visibility and integration across cloud, email, endpoints and web are the best way to protect your organisation and take a proactive approach to insider threats.

To read more about Ponemon's research on the costs of insider threats, click here

This post was funded by Proofpoint

You may also like
ICO breaks silence on Bank of America fraud case

Legislation and Regulation

Data regulator has maintained a 'no comment' policy for months

clock 11 April 2024 • 3 min read
The Righteous Moraliser - a new kind of insider threat

Threats and Risks

The risk of insider threats has long been high on the agenda of information security professionals.

clock 18 October 2023 • 4 min read
Long Reads: A chance meeting cost this CIO £400,000


Betrayal, bewilderment and Bank of America

clock 02 October 2023 • 7 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

Asian Tech Roundup: Pressure grows in US-China trade war

Asian Tech Roundup: Pressure grows in US-China trade war

Plus: Google 'accidentally' deletes pension fund's cloud account

Tom Allen
clock 17 May 2024 • 4 min read
Maritime security: 'Hacking a ship is just like hacking a Tesla but bigger'

Maritime security: 'Hacking a ship is just like hacking a Tesla but bigger'

Cyberattacks on shipping up 400-500% in five years, Lloyds List Intelligence

John Leonard
clock 16 May 2024 • 4 min read
Tories self-refer to ICO over data breach

Tories self-refer to ICO over data breach

Revealed hundreds of personal email addresses by forgetting to BCC

Tom Allen
clock 15 May 2024 • 2 min read