Author: Regine Bonneau / Source: Information Security Buzz
What is an Insider Threat?
According to US-Cert.gov, an Insider Threat is a current or former employee, contractor, or other business partner who has or had authorized access to an organization’s network, system, or data and intentionally misused that access to negatively affect the confidentiality, integrity, or availability of the organization’s information or information systems.
Why should the average company be concerned about Insider Threats?
Many companies worry about insiders stealing physical property, but theft and misuse of intellectual property, systems and data may have an even greater negative impact on their business. Abusing access rights and insider cyber theft may lead to exposure of sensitive or negative information, proprietary information landing in competitors’ hands, a breakdown of operating systems, and a host of other consequences that compromise the company’s brand, finances, reputation and operation.
How is an Insider Threat different from a standard cybersecurity threat?
An Insider Threat is particularly dubious because it emanates from a person who has or had authorized access to an organization’s network, system or data. The insider carelessly or intentionally exceeds or uses their access in a manner that negatively affects the confidentiality, integrity or availability of the organization’s information or information systems.
Examples of Insider Threats include:
- Careless or Uninformed Users including undertrained staff, accident-prone employees, negligent workers, mismanaged third-party contractors, and overwhelmed personnel
- Malicious Users including those who seek to harm the organization or benefit themselves through theft and misuse of company assets.
How can a business protect itself from Insider Threats?
Businesses can protect against Insider Threats by having a basic layered security framework along…
Click here to read more