Connect with us

Hi, what are you looking for?

Business

Insider threats are inherent to every organization

According to the report, 63 percent of cybersecurity cases affecting businesses were the result of the actions of current or former employees. This is based on research collated by the Global State of Information Security Survey, conducted by PwC.

The LogRhythm analysis (available via Insights for Professionals) reveals that most organisations are built around technology. However, an inherent weakness is that most of this technology is controlled and managed by humans. This means that for a network to remain secure, trust is an essential element. This is because, not least, that employees access critical and sensitive data.

While organisations can put controls in place, such as controlling access through the use of passwords or key cards, systems often fail. It also stands that as companies grow, in terms of employee numbers, an organisation’s vulnerability to insider threats proportionately rises.

The main risks are either that sensitive data is stolen, deleted or exposed by malicious individuals with access to it. Or, and this is equally as probable, damage or theft occurs because of simple carelessness or by an employee inadvertently responding to a successful phishing attack.

One common concern is that 49 percent of users admit to having shared their network password with one or more people, according to a study by Brutus to Snowden called “A Study of Insider Threat Personas.”

In terms of solutions to these problems, the LogRhythm analysis says that a suitable system for controlling access needs to be in place supported by having effective systems for monitoring.

To achieve this, many firms need to move beyond the limited view of just the network perimeter, which is commonly used to guard against external threats and security breaches and instead construct enhanced internal security controls, this taking a more holistic view of cybersecurity.

This can involve developing intelligent monitoring systems in-house geared around user and entity behavior analytics. This is a cybersecurity process focused on detection of insider threats. Such solutions examine patterns of human behavior, and then apply algorithms and statistical analysis in order to detect meaningful anomalies from those patterns. These anomalies may indicate potential threats.

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

World

Nearly 200 nations start online negotiations Monday to validate a UN science report.

Business

Streaming services and record labels can no longer justify paying artists derisory sums. Time for change has come.

World

Embattled Malaysian Prime Minister Muhyiddin Yassin has reconvened parliament as he faces mounting criticism that his government does not have majority support - Copyright...

World

Indonesia has been struggling to contain one of the biggest coronavirus outbreaks in the world - Copyright AFP SONNY TUMBELAKASmall shops, streetside restaurants and...