Insider Threat

The SANS Institute released a report earlier this year on Insider Threats and the Need for Fast and Directed Response. The report talks about the importance of recognizing insider threats, whether accidental or intentional, why they occur and their implications, which often are more dire than external attacks alone.

While much attention is paid to cyber attacks, the root of many data breaches is actually internal. Bloomberg Law just released a survey identifying vendors and insiders as the biggest risks to corporate data security. The survey revealed that vendors and insiders are rated the most poorly among employer performance, showing that corporations are failing to manage the risks of vendors and insiders.

According to the 2015 Cyber Security Intelligence Index compiled by IBM, there are more successful cybersecurity incidents than ever before. Between 2013 and 2014, the number of security events dropped by 36%, but the number of resultant security incidents remained static, showing a greater success rate. Even more troubling, more “bad guys” are insiders than ever before.

Almost 95% of IT security breaches can be attributed to some kind of human error. They say “to err is human,” and this definitely holds true for IT security. Thankfully, there are steps organizations can take to defend corporate data from employee mistakes. I recently wrote an article on Defending Corporate Data in Spite of Employees for Computer Technology Review, an article which explores just how and why employees...