A series on the Insider Threat – and your first tip on dealing with it!

Recently I have covered a couple of incidents that revolve around a betrayal of trust – often called the insider threat:

The Insider Threat – it may be at the top of the company… – Smart Thinking Solutions

The Insider Threat and $250,000 – Smart Thinking Solutions

This got me thinking and reading about the problem (Arsenault. (2022) and Colwill. (2009) among others), as it is one of the hardest cyber security breaches for any organisation to defend against. To operate you have to trust someone with sensitive information, to get a job done, then they betray that trust.

I know of a business who said they trusted no-one, they are a one-person company. I thought this was odd when I got involved with them, as the company appeared to be successful and undertaking more projects than a single person could manage. When I examined their set up, I soon discovered that to do this work a range of sub-contractors were employed located around the world – all of whom were trusted with sensitive client information, and that was just the start. I created several schemes, policies and procedures to add some reassurance and resilience to this operation, all to mitigate the “unseen” insider threat.

There are few technical solutions that will work, as they usually impede the workflow and so negate their effectiveness. Activity logging may be a deterrent but is often only good after the event for evidence of wrongdoing.

Here is one tip on how to mitigate it:

I have started an occasional series over on our online training site CyberAwake, examining the insider threat and possible mitigation that smaller organisations can implement. Part 1 was yesterday, part 2 is tomorrow, with further installments to follow.

The Insider Threat – the threat landscape and the first steps… – CyberAwake

Have a look it may give you some ideas and prevent information leaking from your organisation.

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading

If you must use portable USB drives, then you must read this…

It happens to the biggest of companies:

Do you need some training?

phishing emails
Cyber Security Experts | Awareness | Training (cyberawake.co.uk)

References

Arsenault, B. (2022). Microsoft publishes report on holistic insider risk management. Microsoft Security Blog. Retrieved 12 October 2022, from https://www.microsoft.com/security/blog/2022/10/06/microsoft-publishes-new-report-on-holistic-insider-risk-management/.

Colwill, C. (2009). Human factors in information security: The insider threat–Who can you trust these days?. Information security technical report14(4), 186-196.

insider threat 200