Seriously?! Can You Not Do That? | Prologue

By Sean Martin, CISSP

When it comes to data loss and theft, there are essentially two types of insiders: those that are already in the organization (employees and partners) and those that “break in” and essentially become insiders (hackers).

While a recent annual report produced by DTEX states that, overall, 60 percent of all attacks are carried out by insiders, their report breaks down the employee/partner definition a bit further to capture intent: 68 percent of all insider breaches are due to negligence; 22 percent are from malicious insiders. This leaves the remaining 10 percent tied to, presumably, credential theft from the “outside-in” insiders.

“People aren’t perfect, we get busy and we forget things that don’t have a direct impact on us in the moment,” says Paula Long, CEO and co-founder of DataGravity.

While this is true, it doesn’t mean that they should be let off the hook without some sort of consequence or punishment. Or should they?

“If employees are not vigilant in how they use business systems such as email, phone and mobile, for example, they can open the door for hackers,” says Mordecai Rosen, general manager for CA Technologies’ security business. “If [employees’] credentials are then hijacked, outside hackers suddenly appear to be insiders.”

Regardless of the type of insider the company has to deal with, organizations should pay very close attention to not just employees leaving the company, but also those joining the company.

“The current trend shows that the first and last two weeks of employment for employees are critical as 56 percent of organizations had potential data theft by leaving or joining employees in that time.”

I wanted to dig deeper into this topic, so I reached out to the InfoSec community to help me capture some of the more common scenarios and troubling cases where employees could cause a company harm, both unknowingly and maliciously.

Below are the topics that came my way which we will explore in more detail as part of this Insider Threat article series on ITSPmagazine. We will be publishing each article as they are finalized.

 


Thanks to the following companies for their contribution to this series: