Insider threat can be eliminated with a proactive approach


The media would lead us to believe that the greatest threats faced in today’s digital business world are that of ransomware and ID theft. While they may be right, there is an equally damaging malady lurking right under our noses that is often overlooked – insider threat. This article identifies what insider threats are and looks at some of the mitigation strategies we can use to address it.

Just over ten years ago, I attended a conference in London run by the UK’s equivalent of the Australian Signals Directorate (ASD), GCHQ. The theme of the day focused on insider threats with myriad presentations explaining how UK industry and government agencies should be preparing to detect, defend and respond to this kind of insidious menace. As each of the speakers took to the podium, we were taken through a journey of fear, betrayal, espionage and human vulnerability that showed the audience just how real and pervasive this issue is. Indeed, for some businesses and government agencies handling particularly sensitive information, the threat from rogue insiders can become existential if not adequately addressed. As I said, this conference was over ten years ago, but the world has changed incredibly over the last decade, with new threats becoming chic and newsworthy, while these kinds of attacker have dropped off the radar of public opinion. Starting with the 2013 Target attack, hackers made off with almost 40 million credit card and debit card accounts from Target’s systems. This was the first major media event of the new world, where large-scale data breaches made news – especially because of their far reaching impact on society. Since then we’ve seen dozens of big brands in the news, such as Sony, Home Depot, Talk Talk (in the UK), with David Jones and Kmart also being hit here in Australia. We’ve also seen another peculiar trend emerge from the backrooms of security research companies, where new vulnerabilities are marketed with a sexy name, well-designed websites and sensationalist commentary to make them newsworthy. If the security team is not focusing on these two areas, then they aren’t doing their job right, while all the other threats fall by the wayside. But this approach is wrong. Managing security outcomes aligned with this kind of media sensationalism will only serve to protect one aspect of your castle, so you’ll have all your troops at the front gate, not realising your tunnels are unprotected and your streets are full of spies…Click HERE to read full article.