Seven Profiles Of Highly Risky Insiders

Uploaded on 2016-04-19 in TECHNOLOGY--Resilience, TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

To understand these insiders and why they pose a risk, start by looking at the root of the problem.

There are plenty of articles with scary numbers about the size and scope of the Insider Threat. This isn’t one of them – you already know it’s a huge concern and that few organizations maintain a reasonable level of control over it. So where do you get started? By looking at the root of the problem to understand who these insiders are, and why they pose a risk.

You may be tempted to match these insiders to specific jobs or roles. But it’s best to resist such an impulse, because insider traits emerge throughout an organization, regardless of a threat’s position. To lend clarity, here are seven profiles of common high-risk insiders.

Convenience Seekers like to ignore protocol. The "official" way to do things is too long, difficult, or complicated. Or they may prefer their own methods, such as opting for their preferred file-sharing service instead of a corporate one. They’ll also frequently use personal email to get around performance or attachment size limitations.

Accidental Victims make mistakes, perhaps because of a lack of training (or learning) of proper processes and systems. Accidental Victims will hit the wrong button, send a document to the wrong "Bob" or otherwise make an honest mistake. Most likely, our Accidental Victims are tired, stressed or distracted when they do these things. They’re especially vulnerable because external threats often "create" fear and panic as part of a phishing scheme or phone scam, so their targets won’t realize that they’re being set up.

Know-It-Alls want to "contribute," "show value," and be visible whenever possible. Unfortunately, they may over-share information in an email response. They might respond to a request when someone more qualified should. Or they could initiate communications about topics with less than the required tact or subtlety. They’ll post on social media before they think about sensitive topics such as unannounced quarterly results. Some Know-It-Alls will intentionally seek to steal or manipulate sensitive information for fun, out of curiosity – or to prove they can.

Untouchables do not believe that any of the "scary stories" could happen to them. They’ve earned privileged access, and they’re copping a cavalier attitude about it. IT personnel may constantly take advantage of their super-user credentials out of convenience, for example, only to cause malware infection of a mission-critical server when they open a highly targeted phishing email. Auditors, financial execs, developers, and others with privileges could retain too much information locally, then lose their laptop, or leave it out in the open for a thief to swipe.

Entitled Ones are convinced that they have a right to certain types of data, or to do things their own way. They ignore process or policy. They’ve concluded that they "own" data, including customer lists, source codes, scientific research, and process documentation/templates. And while we normally associate the C-suite with those who do not feel the rules apply to them, anyone can develop this attitude at any level of the company.

Traitors are malicious employees. Sometimes, they’re hatching a plot at the time of being hired. More often, however, they harbor good intentions on the first day of work, but lose their moral compass after falling into debt or growing disgruntled over a lack of upward mobility and/or a salary increase. Or they internalize destructive discontent due to differences with colleagues, bosses, or the organization itself.

Secret Insiders aren’t supposed to be inside at all. But that’s where they are, having effectively executed the first stage of an external attack: gaining a foothold inside the network. (While we’ve focused on "defenses" against such attacks for the last few decades, the reality is that a breach will be successful at some point.) At this stage, Secret Insiders have network access, and security requires that measures be in place to "detect" such a breach. But, unlike the six aforementioned high-risk profiles, they are professional hackers. They’re motivated, knowledgeable – and now command all of the access and privileges of an insider.

For better or worse, security options have evolved from early login IDs/passwords, firewalls, and desktop anti-virus (AV) products to dozens of solutions that work in concert to protect the network, users, and data. An Insider Threat program will implement many of these, such as access controls and data loss prevention (DLP) tools, along with well-defined (and enforced) processes and newer technologies, like User Behavior Analytics (UBA).
 
Bottom line: user education is not new. But it is frequently overlooked as a potential solution due to mindsets developed when most of us didn’t know how to change the clocks on our VCRs, and never bothered to learn.

(Congratulations if you did not need to Google "VCR" to understand that sentence). Yet, today’s employees were raised with Nintendo, the Internet, and smartphones. They take pride in knowing about the latest apps, and every feature of their mobile devices. This means organizations can appeal to this generation’s "tech pride," educating them about how recommended "professional habits" can elevate them to positions of trust.

In other words, users are more capable of recognizing risks, and the value of preventative measures and processes, if we simply involve them.

DarkReading: http://ubm.io/1qVMYFI

« The Growing Cyber Threat From Iran
Convoy Of Self Driving Trucks Completes European Cross-Border Trip »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

Nethemba

Nethemba

Nethemba provide pentesting and security audits for networks and web applications. Other services include digital forensics, training and consultancy.

CYBER 1

CYBER 1

CYBER 1 provides cyber security solutions to customers wanting to be resilient against new and existing threats.

AKATI Sekurity

AKATI Sekurity

AKATI Sekurity is a security-focused consulting firm providing services specializing in Information Security and Information Forensics.

United Biometrics

United Biometrics

United Biometrics is an anonymous and real-time authentication platform designed to stop the fraud for mobile payments, e-Commerce and applications.

StepStone

StepStone

StepStone is one of the leading online job platforms in Germany, and other countries, covering all industry sectors including IT and cybersecurity.

Two Six Technologies

Two Six Technologies

Two Six Technologies delivers R&D, innovation, productization and implementation expertise in cyber, data science, mobile, microelectronics and information operations.

StickmanCyber

StickmanCyber

At StickmanCyber we are on a mission to create a digital world that is safe for everyone - we are your trusted cybersecurity partner.

BaXian Group

BaXian Group

BaXian AG is an international consulting company specializing in IT security, data analytics, risk management and compliance.

Beyon Cyber

Beyon Cyber

Beyon Cyber offer a complete portfolio of advanced solutions & services for cyber security in Bahrain.

CyberXpert

CyberXpert

CyberXpert is your cybersecurity partner for the public and private sector in Belgium.

Amtivo Ireland

Amtivo Ireland

Amtivo Ireland (formerly Certification Europe and EQA) offers a range of certifications and related services.

Sword Group

Sword Group

Sword is a leader in data insights, digital transformation and technology services with a substantial reputation in complex IT, business projects and mission critical operations.

Velotix

Velotix

Velotix empowers organizations to maximize the value of their data while ensuring security and compliance in a rapidly evolving regulatory landscape.

Airbus Protect

Airbus Protect

Airbus Protect is an Airbus subsidiary bringing together the Company’s expertise in cybersecurity, safety and sustainability-related services.

Couno

Couno

Couno is a trusted provider of IT support services throughout the UK and Europe.