Seven Profiles Of Highly Risky Insiders

Uploaded on 2016-04-19 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

To understand these insiders and why they pose a risk, start by looking at the root of the problem.

There are plenty of articles with scary numbers about the size and scope of the Insider Threat. This isn’t one of them – you already know it’s a huge concern and that few organizations maintain a reasonable level of control over it. So where do you get started? By looking at the root of the problem to understand who these insiders are, and why they pose a risk.

You may be tempted to match these insiders to specific jobs or roles. But it’s best to resist such an impulse, because insider traits emerge throughout an organization, regardless of a threat’s position. To lend clarity, here are seven profiles of common high-risk insiders.

Convenience Seekers like to ignore protocol. The "official" way to do things is too long, difficult, or complicated. Or they may prefer their own methods, such as opting for their preferred file-sharing service instead of a corporate one. They’ll also frequently use personal email to get around performance or attachment size limitations.

Accidental Victims make mistakes, perhaps because of a lack of training (or learning) of proper processes and systems. Accidental Victims will hit the wrong button, send a document to the wrong "Bob" or otherwise make an honest mistake. Most likely, our Accidental Victims are tired, stressed or distracted when they do these things. They’re especially vulnerable because external threats often "create" fear and panic as part of a phishing scheme or phone scam, so their targets won’t realize that they’re being set up.

Know-It-Alls want to "contribute," "show value," and be visible whenever possible. Unfortunately, they may over-share information in an email response. They might respond to a request when someone more qualified should. Or they could initiate communications about topics with less than the required tact or subtlety. They’ll post on social media before they think about sensitive topics such as unannounced quarterly results. Some Know-It-Alls will intentionally seek to steal or manipulate sensitive information for fun, out of curiosity – or to prove they can.

Untouchables do not believe that any of the "scary stories" could happen to them. They’ve earned privileged access, and they’re copping a cavalier attitude about it. IT personnel may constantly take advantage of their super-user credentials out of convenience, for example, only to cause malware infection of a mission-critical server when they open a highly targeted phishing email. Auditors, financial execs, developers, and others with privileges could retain too much information locally, then lose their laptop, or leave it out in the open for a thief to swipe.

Entitled Ones are convinced that they have a right to certain types of data, or to do things their own way. They ignore process or policy. They’ve concluded that they "own" data, including customer lists, source codes, scientific research, and process documentation/templates. And while we normally associate the C-suite with those who do not feel the rules apply to them, anyone can develop this attitude at any level of the company.

Traitors are malicious employees. Sometimes, they’re hatching a plot at the time of being hired. More often, however, they harbor good intentions on the first day of work, but lose their moral compass after falling into debt or growing disgruntled over a lack of upward mobility and/or a salary increase. Or they internalize destructive discontent due to differences with colleagues, bosses, or the organization itself.

Secret Insiders aren’t supposed to be inside at all. But that’s where they are, having effectively executed the first stage of an external attack: gaining a foothold inside the network. (While we’ve focused on "defenses" against such attacks for the last few decades, the reality is that a breach will be successful at some point.) At this stage, Secret Insiders have network access, and security requires that measures be in place to "detect" such a breach. But, unlike the six aforementioned high-risk profiles, they are professional hackers. They’re motivated, knowledgeable – and now command all of the access and privileges of an insider.

For better or worse, security options have evolved from early login IDs/passwords, firewalls, and desktop anti-virus (AV) products to dozens of solutions that work in concert to protect the network, users, and data. An Insider Threat program will implement many of these, such as access controls and data loss prevention (DLP) tools, along with well-defined (and enforced) processes and newer technologies, like User Behavior Analytics (UBA).
 
Bottom line: user education is not new. But it is frequently overlooked as a potential solution due to mindsets developed when most of us didn’t know how to change the clocks on our VCRs, and never bothered to learn.

(Congratulations if you did not need to Google "VCR" to understand that sentence). Yet, today’s employees were raised with Nintendo, the Internet, and smartphones. They take pride in knowing about the latest apps, and every feature of their mobile devices. This means organizations can appeal to this generation’s "tech pride," educating them about how recommended "professional habits" can elevate them to positions of trust.

In other words, users are more capable of recognizing risks, and the value of preventative measures and processes, if we simply involve them.

DarkReading: http://ubm.io/1qVMYFI

« The Growing Cyber Threat From Iran
Convoy Of Self Driving Trucks Completes European Cross-Border Trip »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CloudCheckr

CloudCheckr

CloudCheckr is a next-gen cloud management platform that unifies Security & Compliance, Inventory & Utilization and Cost Management.

VisionWare

VisionWare

VisionWare provide consulting services and solutions in areas covering both physical and digital security.

NAVEX Global

NAVEX Global

NAVEX Global’s compliance management system consolidates your entire GRC program onto a scalable cloud-based platform.

Fly Ventures

Fly Ventures

Fly Ventures is a seed-stage venture capital fund for outstanding teams building Enterprise and Deep Tech startups in Europe.

AppOmni

AppOmni

AppOmni is the only SaaS CSPM solution that gives teams all the tools they need to be successful – from security posture management to monitoring and detection to continuous compliance.

Jamf

Jamf

Jamf is the only Apple Enterprise Management solution of scale that remotely connects, manages and protects Apple users, devices and services.

Rolls-Royce Cybersecurity Technology Research Network

Rolls-Royce Cybersecurity Technology Research Network

Rolls-Royce has partnered with Purdue University and Carnegie Mellon University to create the Rolls-Royce Cybersecurity Technology Research Network.

Mission Critical Partners (MCP)

Mission Critical Partners (MCP)

Mission Critical Partners is committed to delivering innovative solutions that help our clients enhance and evolve their critical-communications systems and operations.

Nitel

Nitel

Nitel is a leading next-generation technology services provider. We simplify the complex technology challenges of today’s enterprises to create seamless and integrated managed network solutions.

GoPlus Security

GoPlus Security

GoPlus is working as the "security infrastructure" for web3, by providing open, permissionless, user-driven Security Services.

Utimaco

Utimaco

UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions.

Tsaaro Academy

Tsaaro Academy

Tsaaro Academy is a unique privacy certification training platform and here you earn a privacy certification CEH, CISM and DPO from India’s No.1 Privacy training platform.

Benchmark IT Services (BITS)

Benchmark IT Services (BITS)

BITS is a leading cyber security company in Australia. Our certified professionals work with you to keep your data assets safe and secure.

Star Lab

Star Lab

Star Lab specializes in the development and productization of embedded security technologies.

Intellinexus

Intellinexus

Intellinexus turns data into actionable insights to revolutionise decision-making in your business.

Kahootz

Kahootz

Kahootz is a highly secure cloud collaboration platform helping teams to work together across organisations.