Connect with us

Hi, what are you looking for?

Business

Watch out for the insider threat

Cybercriminals are finding new and innovative ways of tricking employees into clicking links that enable ransomware to infiltrate companies.

Man working in an office at a computer. — Photo: © Tim Sandle
Man working in an office at a computer. — Photo: © Tim Sandle

September 2022 is Insider Threat Awareness Month. This is an important moment for many businesses to reflect on the cybersecurity risks posed to their firms from their own employees.  Each year adopts a different theme (for those interested in 2021’s focus, Digital Journal covered the event last year).

According Eric Bassier, Senior Director Products at Quantum, the challenges faced by firms in 2022 are greater than those that were apparent last year.

As Bassier  explains to Digital Journal: “Insider threats are not always the result of malicious actors. In fact, research shows careless insiders are the most common reason and account for 63 percent of all incidents.”

Bassier adds: “Cybercriminals are finding new and innovative ways of tricking employees into clicking links that enable ransomware to infiltrate an organization’s infrastructure. And while ransomware attacks have continued to increase this year (up 13 percent) it is not the only outcome of an insider threat attack.”

There are a constant series of risks to consider, as Bassier notes: “Increasingly sophisticated malware is destroying computers and computer systems, and organizations are suffering data loss and credential theft. Not to mention revenue loss and the potentially irreparable damage to a business’ reputation.”

This places renewed challenges upon organisations. Here Bassier  states: “The requirements for protecting data continue to get more complex – organizations are managing massive data growth across databases, virtual environments, and unstructured data sets.”

To strengthen cybersecurity and reduce business risk, Bassier  recommends that organizations must employ a multi-layered data protection approach to ensure resiliency and recoverability at any point of its data’s lifecycle.

His advice is:

  • Keep three copies of data (one is the primary copy, plus two backup copies), and keep those backup copies on two types of media – for example disk and tape
  • Primary backup storage, such as high-speed disk-based or flash-based backup systems, should employ immutable snapshots to protect “primary” backup data sets
  • Tape libraries provide an option for secure, offline storage to keep a copy of data as a “last line of defence.”

Bassier’s final advice is: “If considering object storage for either your primary backup storage or for long term retention of backup data, use versioning and object locking to provide immutability.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, business, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Entertainment

On December 3rd, veteran actress and musician Alicia Witt made her debut at 54 Below in New York City.

Business

The Government of Alberta today introduced a strategy to establish itself as North America's premier destination for AI data centres.

Business

While many hiring managers may overlook a white lie or two, a well-written CV will clearly include examples of your individual contribution.