Zero-Trust: Protecting From Insider Threats

Uploaded on 2023-09-25 in NEWS-Cybersecurity News, FREE TO VIEW

Often, when we think of cyber threats, we think of shadowy attackers working in distant locations. However, the truth of the matter is that organisations need to be equally on their guard against insider threats - a cybersecurity risk that comes from within. 

Whilst these can be malicious, more often than not insider threats are accidental, coming from unintended carelessness or error. These incidents can be hugely damaging, affecting 34% of businesses globally every year. With each occurrence costing an average of $871,000, it’s imperative that businesses get to grips with how to prevent them. 

Taking A Zero-Trust Approach

There is a wealth of advice out there on dealing with insider threats. However, according to Kamil Fedorko, Global Cybersecurity Practice Leader at Intellias, most strategies are based on just two concepts:

  • “Zero Trust Strategy: A high-level operational strategy that inherently assumes that no device, user, service, or network can be trusted. 
  • Least Privilege Principal Concept and Role-Based Access Control: Concepts and methodologies that dictate how and why a particular entity should not have more access than is required to finish a particular function or task.”

He argues that these must be sufficiently implemented into the cybersecurity fabric of the company before organisations look to implement “the newest and greatest capabilities, such as user behaviour analysis (UBA), data loss prevention (DLP), and eventually extended detection and response (XDR) solutions.”

Andy BatesPractice Director - Security at Node4, agrees that these are the fundamentals when it comes to protecting from insider threats. He suggests: “Best practise should be to apply role-based access control and a ‘zero-trust’ mindset. This means that only employees who require information to perform their job can access it and that their identity is reconfirmed whenever they do. This should be a minimum for all organisations to reduce the risk of data breaches and stop possible threats in their tracks.”

A key component of this zero-trust approach should be up to date authentication methods. “Antiquated authentication methods - be it passwords or traditional MFA - continue to put organisations at risk,” explains Jasson Casey, CTO at Beyond Identity. “Authentication that has been designed to accelerate the journey to zero trust security paradigms significantly reduces risk by ensuring continuous authentication whilst eliminating all credentials and codes that attackers use to plant ransomware crops.”

As well as implementing the right technology, a successful zero-trust requires a staff training programme. Hugh Scantlebury, CEO and Founder of accounting services firm, Aqilla, argues that “no matter how advanced our IT security solutions have become, businesses still need people to play an active part in identifying insider threats... all too often, we don’t know how to spot the early signs of an internal IT security breach - or if we do see something suspicious, we’re conflicted about coming forward in case we wrongly accuse a colleague.If we can all become engaged bystanders, we can objectively spot the very early and subtle signs of an escalating insider threat.

Organisations need to create an environment where engaged bystanders can feel confident about reporting their concerns. This means regular and consistent education about potentially suspicious behaviour and a commitment to developing processes and frameworks that allow potential worries to be reported in confidence.

Adapting For A Changing World

An added challenge for businesses today when facing insider threats is a combination of the swift rise of remote work and a move away from centralised onsite data systems. As Gal Helemski Co-Founder and CTO of PlainID, explains: “Since many enterprises are working remotely, now more than ever, confirming identities has become the cornerstone of organisational security. As most data is stored on cloud-based services, it only takes one misuse of a pre-existing or stolen credential for a company’s entire digital landscape to be left open and exposed... The pathway to cyber security comes from trusting no one – not even regular employees on trusted devices. This might sound extreme, but unless there’s real-time monitoring and authorisation, you cannot be 100% sure that this user has the right to be accessing this data.”

Hubert Da Costa, Chief Revenue Officer at cellular network services firm Celerway, comments, “... as more companies continue the trend away from core, localised data centres to edge-based connectivity - particularly in industries such as engineering, utilities and transport -  it’s vitally important that employees are able to connect to corporate HQ securely at the edge.” 

Overall, there is an emerging view that organisations need a holistic approach to edge connectivity can give organisations comprehensive access control and authentication, allowing only authorised personnel into the network, and most importantly, the ability to identify suspicious activities that might indicate insider threats. 

Conclusion

Human beings will always make mistakes, let their guard down, and behave in ways that leave company data exposed. Creating engagement requires ongoing awareness training that is specific and contextual, which means making sure that employees fully understand the security threats to data and to the organisation and the likely outcomes in the case of a breach.

Image: Tim van Der Kuip

You Might Also Read: 

Insider Threat Management: Keep Up With Growing Threats:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Europol Identifies The Top Cyber Threats
Unmasking The Silent Threat Of Cryptojacking  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cynet

Cynet

Cynet simplifies security by providing a rapidly deployed, comprehensive platform for detection, prevention and automated response to advanced threats with near-zero false positives.

Group-IB

Group-IB

Group-IB is a leading provider of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and protecting intellectual property.

HANDD Business Solutions

HANDD Business Solutions

HANDD are independent specialists in data protection with expertise at every stage of the Protect, Detect and Respond cycle, from consultancy and design, right through to installation.

CDNetworks

CDNetworks

CDNetworks is a global content delivery network with a fully integrated cloud security solution, offering unparalleled speed, security and reliability for the almost instant delivery of web content.

Sentropi

Sentropi

Sentropi is an online protection solution against charge backs, account takeovers, identity thefts and online scams.

Alsid

Alsid

Alsid helps corporates to anticipate attacks by detecting breaches before hackers can exploit them.

spriteCloud

spriteCloud

spriteCloud is an independent software testing, test automation and cybersecurity services provider.

Internet Crime Complaint Center (IC3)

Internet Crime Complaint Center (IC3)

The Internet Crime Complaint Center provide the public with a reporting mechanism to submit information to the FBI concerning suspected Internet-facilitated criminal activity.

Cyber Defense Networking Solutions (CDNS)

Cyber Defense Networking Solutions (CDNS)

CDNS is a global network infrastructure provider whose platforms are engineered for security, optimized for speed and designed for resiliency.

Ankura Consulting Group

Ankura Consulting Group

Ankura is a global expert services and advisory firm that delivers services and end-to-end solutions in a wide range of areas including cybersecurity and digital transformation.

Exceed Cybersecurity & I.T. Services

Exceed Cybersecurity & I.T. Services

Exceed Cybersecurity & I.T. Services is a premier Managed Internet Technology (I.T.) company with a focus in cybersecurity risk management and CMMC compliance management.

Phriendly Phishing

Phriendly Phishing

Phriendly Phishing offers phishing awareness training programs designed to ward off potential security threats and minimise the impact of cyber attacks.

Colt Technology Services

Colt Technology Services

Colt Technology Services (Colt) is a global digital infrastructure company which creates extraordinary connections to help businesses succeed.

Methods

Methods

Methods is the leading digital transformation partner for the UK public sector. We care deeply about making our public services better and have been doing this for over 28 years.

Corix Partners

Corix Partners

Corix Partners is a Boutique Management Consultancy Firm focused on assisting CIOs and other C-level executives in resolving Cyber Security Strategy, Organisation and Governance challenges.

CyberUpgrade

CyberUpgrade

CyberUpgrade is on a mission to empower executives to gain control over their organization’s cybersecurity.