Connect with us

Hi, what are you looking for?


Insider threats are inherent to every organization

According to the report, 63 percent of cybersecurity cases affecting businesses were the result of the actions of current or former employees. This is based on research collated by the Global State of Information Security Survey, conducted by PwC.

The LogRhythm analysis (available via Insights for Professionals) reveals that most organisations are built around technology. However, an inherent weakness is that most of this technology is controlled and managed by humans. This means that for a network to remain secure, trust is an essential element. This is because, not least, that employees access critical and sensitive data.

While organisations can put controls in place, such as controlling access through the use of passwords or key cards, systems often fail. It also stands that as companies grow, in terms of employee numbers, an organisation’s vulnerability to insider threats proportionately rises.

The main risks are either that sensitive data is stolen, deleted or exposed by malicious individuals with access to it. Or, and this is equally as probable, damage or theft occurs because of simple carelessness or by an employee inadvertently responding to a successful phishing attack.

One common concern is that 49 percent of users admit to having shared their network password with one or more people, according to a study by Brutus to Snowden called “A Study of Insider Threat Personas.”

In terms of solutions to these problems, the LogRhythm analysis says that a suitable system for controlling access needs to be in place supported by having effective systems for monitoring.

To achieve this, many firms need to move beyond the limited view of just the network perimeter, which is commonly used to guard against external threats and security breaches and instead construct enhanced internal security controls, this taking a more holistic view of cybersecurity.

This can involve developing intelligent monitoring systems in-house geared around user and entity behavior analytics. This is a cybersecurity process focused on detection of insider threats. Such solutions examine patterns of human behavior, and then apply algorithms and statistical analysis in order to detect meaningful anomalies from those patterns. These anomalies may indicate potential threats.

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

Oxford Research reveals high blood glucose reprograms the metabolism of pancreatic beta-cells in diabetes.

Tech & Science

The ransomware attack on AirAsia serves as a sobering reminder of the growing threat to critical infrastructure globally.


Six million people were on Friday under Covid lockdown in a Chinese city home to the world's largest iPhone factory.


French retail giant Carrefour is still selling Brazilian beef products linked to destruction of the Amazon rainforest.