Disclaimer: The views and opinions expressed in this blog are those of the author(s) and may not reflect the official policy or position of Excelsior College. Excelsior makes no claim regarding the suitability of the content for all audiences.
When most people think about cybersecurity, their thoughts immediately turn to hackers and other external threats. This is understandable, but it’s hardly the complete picture. The reality of the situation is that while hackers are indeed a huge danger for businesses of all kinds, organizations must also stand vigilant against cyber threats that originate internally. Without the proper cyber safety protocols, insiders can prove just as damaging to a company’s data protection efforts as hackers.
A recent survey from Vectra Networks highlighted just how big a problem insider threats have become. This report emphasized the fact that effective cybersecurity needs to be comprehensive. This makes it imperative for businesses of all kinds to embrace the tools, strategies and personnel to protect themselves from both internal and external attacks.
Insider threats rising
The Vectra survey included insight from more than 500 cybersecurity professionals, asking them to share their experiences, attitudes and fears regarding insider threats. The report determined that these cybersecurity experts are extremely worried about the prevalence of insider threats and their own companies’ lack of preparedness for warding off these dangers.
“68% of survey respondents feel vulnerable to insider threats.”
Specifically, 68 percent of survey respondents said they feel vulnerable to insider threats while 62 percent said they believe insider threats have become a more frequent issue over the past year. Respondents identified managers with access to sensitive information as the most dangerous form of insider threat, but contractors, consultants and general employees were all widely perceived as potentially problematic in this capacity.
Just as importantly, 62 percent of cybersecurity experts surveyed said that insider threats are more difficult to detect, identify and prevent than external hackers’ efforts.
This last statistic is really worth examining. Insider attacks are, by their nature, challenging to notice because the individuals involved are not necessarily infiltrating a network or bypassing a firewall. Instead, it becomes a question of how they utilize or manipulate the company’s digital resources. Recognizing unusual and suspicious activity is difficult and requires significant experience and expertise.
Fewer than half of the survey respondents said they think they have sufficient control over insider threats at their organizations. And the consequences can be dire: 38 percent of the study participants estimated that remediation for a typical insider attack will cost more than $500,000.
“Insider threats cause long-lasting economic and reputation damage to an organization,” said Holger Schulze, founder of the Information Security Community on LinkedIn, CIO Today reported.
Tools, strategy and personnel
Schulze told the news source that one of the keys to effectively combating insider threats is the implementation of high-quality monitoring tools, as these can help detect signs of an attack while it is happening.
However, it’s important to note that even the most advanced resources will prove insufficient if not utilized effectively. That is why business leaders must also take pains to seek out and hire cybersecurity professionals who understand these threats as well as the tools and strategies necessary to prevent them from doing actual damage.
If you want to learn more techniques for mitigating the insider threat check out our blog.