Businesses today are placing themselves in the firing line as they face the biggest challenge of cyber security. The recent cases of a data breach at Verizon and internal hacking at Expedia show how important cyber security is to business. Such cyber attacks pose a silent threat to a company, with damage potentially running into billions, besides killing investor confidence and denting brand image.
In order to safeguard the business network, you must first understand what – and where – the biggest risks are.
According to the IBM 2016 Cybersecurity Intelligence Index, 60% of security incidents were carried out by insiders, whether through malicious intent or carelessness. EY’s Global Information Security Survey discovered that 56% of organisations consider employees the most likely source of a cyber attack.
So your employees may be the biggest cyber security threat – the Trojan horse within. How do your employees compromise business security?
The 2017 Insider Threat Report cites inadvertent data breaches as topping the list of insider threats (71%), followed by negligent data breaches (68%) and malicious data breaches (61%). This is just the tip of the iceberg, as the “insider” is none other than your employee with physical or remote access to the company assets. He or she has insights into your business vulnerabilities and access to “insider-only” data. The average employee is also known to circumvent access controls, typically unconcerned with the potential consequences of his or her actions.
The internal threat ecosystem affecting your business security
With businesses moving most of their operations to the cloud and operating in an “always connected” environment, there is a need to look at the threat ecosystems within the organisation.
The BYOD culture
The adoption of bring-your-own-device (BYOD) practices, and the proliferating use of mobile devices for access to business information, are the greatest security risks. Loss of devices, use of unsecured devices, and rampant sharing of unencrypted data put the business network at risk of cyber attacks.
Threats of Shadow IT
Even as security controls are deployed for known assets, “Shadow IT” is a growing threat from within. Non-approved SaaS and IaaS applications can put your data at risk, as they are outside the purview of network controls.
Unapproved / unsecured downloads
Downloading and file sharing are everyday practices that nevertheless expose the system to malware and hacks. An employee who downloads MP3 files on his or her device, or uses a peer-to-peer platform, may unknowingly share company information.
The increase in connected devices gives more entry points to hackers and cyber criminals. The IoT architecture’s sensor nodes and system network layer are vulnerable attack points.
Unprotected, unpatched devices
Devices in use by your employees may not have firewalls or anti-virus programs installed. Unpatched and outdated software is an additional security hole.
Risks of unauthorised access and authentication
Unauthorised access to business data and lapses in the authentication process are some of the most common security breaches.
If an employee or vendor with authorised access has bad intentions, he or she can cause data theft, a data breach or damage on a scale that is hard to imagine.
The menace of social engineering
From email attachments and web links loaded with Trojans, to phishing and the manipulated disclosure of passwords and sensitive information, social engineering is the most dangerous, yet most overlooked, menace within an organisation.
Types of insider risks
Security risks from insider behaviour stem from accidents, negligence or malicious intent.
Accidental – Verizon’s 2016 Data Breach Incident Report cites 30% of security incidents as accidental. When employees are not aware of cyber security best practices, they may unwittingly put your business at risk by, say, clicking on a malicious link or, as in the Verizon case, incorrectly setting the cloud storage to allow external access!
So an email that appears to come from the CEO, asking for £25,000 to be paid into a specified bank account, may be phishing, and the employee who opens the email may unknowingly cause a security risk.
Negligent – These are the insider threats that arise when your employees circumvent the policies in place. For instance, your employees may be using insecure public cloud applications for file sharing, opening you up to cyber security risks.
Malicious – Espionage, financial gain, or revenge are the prime factors behind deliberate malicious attempts at compromising business security. Unlike accidental and negligent risks, malicious insider threats are unexpected and yet the most potent.
No room for complacency
Insider threats can remain undetected for years, as was found in the Expedia case, and are very often hard to prove. Business leaders and C-suite executives thus need an internal cyber security strategy that minimises the risk of insider threats.
Have a Security Policy in place
Making cyber security a KPI ensures an employee-vested interest in data protection and security.
Strengthen your network access security protocols
A strong identity and access management (IAM) strategy reduces cyber risk by limiting employee access, adopting a strong authentication approach, and controlling privileges across the IT network.
Hack-proof / patch your connected devices
IAM strategies must also address the growing trend of personal and connected devices, by ensuring security compliance.
Minimise vulnerabilities of Shadow IT
Implementing a fluid combination of technologies and practices can help cut down the risks of Shadow IT.
As many insider threats come from a lack of knowledge or a laid-back approach to business networks, you must provide effective training and awareness for your employees to ensure healthy practices.
With more and more cases of insider threats being discovered, businesses must understand the nature of the threat from within. As a business leader, you cannot afford to be passive. Adopting a robust cyber security strategy and a practice of internal security audits can help you reduce vulnerabilities and forestall network breaches.