Posted November 14, 2018
You’ve likely heard the urban legend of the babysitter who gets a phone call from a killer and – spoiler alert – the call is coming from inside the house. Similarly, some of the biggest threats to your organization aren’t originating outside of your walls, but from the inside.
While the term “insider threat” is normally associated with employees going rogue and purposefully leaking/stealing/selling confidential information, what many people don’t realize is that accidental leaks can cause the same amount – or even more – damage. In fact, 51% of organizations deemed accidental/unintentional insider threat to be their biggest concern when asked to choose between either malicious or accidental insider threats.
Who is behind these accidental threats?
Now you’re probably thinking, how could someone unintentionally expose sensitive company information? Most often, it can be attributed to:
- Employees – 30% of phishing messages are opened, which is the most utilized tactic for launching an attack. More often than not, your employees are accidentally opening emails with a malicious attachment, giving the bad guys a way into your network to expose employee/customer information, intellectual property, and other proprietary information.
- Third Parties – This doesn’t just apply to vendors, but also independent subsidiaries, suppliers, etc. Essentially anyone connected to your network. Without the proper visibility into your third parties’ security posture, you have no idea if their cybersecurity is your weakest link.
Top enablers of accidental insider threat
The causes of accidental insider threat are nothing new – they are the exact same as any “normal” threat to the organization. Though these are basic cybersecurity issues that most are aware of, they are sometimes overlooked because they’re “what everyone already knows”.
- Phishing attacks
- Weak or reused passwords, as well as password sharing
- Unlocked devices
- Business email compromise
- Utilizing unsecured Wi-Fi networks
As an organization, what best practices can you implement to protect yourself from these accidental threats?
Keep a Clean Machine
To protect employee computers from malware, viruses, and other cyber threats, make sure anti-virus and anti-spyware software is kept up to date. If you can, push regular automated scans to employee devices so malware and viruses are caught quickly, stopping attacks in their tracks.
Lock Down Your Login
Protecting login credentials is crucial, so always use the strongest authentication process offered. These authentication methods include biometrics and other forms of multi-factor authentication. Following these steps makes it more difficult for the bad guys to access the important accounts that lead to confidential customer, employee, or company information.
Back it Up
It is always a good idea to keep an electronic copy of important business documents, saved to a secure cloud service or an external hard drive. This helps your business preserve important data in case a computer or device is compromised – whether by ransomware, a hacker, or otherwise – and the data is deleted.
When in Doubt, Throw it Out
Train your employees to be on the lookout for email, text, social media messages, or any online communication that seems suspicious. Phishing attacks have become more sophisticated, making them more difficult to spot. If you receive a message that seems even slightly suspicious, even from a known source, it’s best to just toss it or send it to your internal fraud department. This tactic will help you avoid becoming a victim of scams like Business Email Compromise (BEC), also known as “man-in-the-email,” where attackers spoof an employee or executive email address and then use social engineering to defraud a company. They typically target higher-level employees who have access to funds or other financial/payment information. BEC campaigns have gained more traction in the past few years, seeing an 87% increase in incidents from 2016 to 2017.
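To make the BEC pattern above concrete from the defender's side, here is an added example (not code from the original post) that checks inbound mail headers for the three signs of a spoofed executive message: a known executive's display name on a foreign address, a sender domain that merely resembles the organisation's, and a Reply-To that diverts replies elsewhere. The organisation domain, executive list, and sample messages are constructed for illustration.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

# Constructed values for this example: a hypothetical organisation and its executives.
ORG_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}
LOOKALIKE_THRESHOLD = 0.8  # similarity above which a foreign domain counts as a lookalike

def domain_of(addr):
    """Lower-cased domain part of an address, or '' if it has none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def bec_indicators(headers):
    """Return the reasons a message matches the BEC spoofing patterns described above.

    headers: dict of header name -> value (only From and Reply-To are inspected).
    """
    name, addr = parseaddr(headers.get("From", ""))
    from_domain = domain_of(addr)
    reasons = []
    # 1. Display name of a known executive, but the address is not theirs.
    expected = EXECUTIVES.get(name.strip().lower())
    if expected and addr.lower() != expected:
        reasons.append("executive display name with foreign address")
    # 2. Sender domain that closely resembles the organisation's own domain.
    if from_domain and from_domain != ORG_DOMAIN:
        if SequenceMatcher(None, from_domain, ORG_DOMAIN).ratio() >= LOOKALIKE_THRESHOLD:
            reasons.append(f"lookalike sender domain {from_domain}")
    # 3. Reply-To routes responses to a different domain than the visible sender.
    _, reply_addr = parseaddr(headers.get("Reply-To", ""))
    if reply_addr and domain_of(reply_addr) != from_domain:
        reasons.append("Reply-To domain differs from From domain")
    return reasons

# Constructed sample messages (not real mail).
SAMPLES = {
    "legit": {"From": '"Jane Doe" <jane.doe@example.com>'},
    "freemail": {"From": '"Jane Doe" <jane.doe.ceo@gmail.com>'},
    "lookalike": {"From": '"Accounts Payable" <billing@examp1e.com>'},
    "reply_to": {"From": '"Jane Doe" <jane.doe@example.com>',
                 "Reply-To": "jane.doe@mail-relay-secure.net"},
}

def scan(samples=SAMPLES):
    """Map each sample name to its list of indicators (empty list means clean)."""
    return {name: bec_indicators(hdrs) for name, hdrs in samples.items()}

if __name__ == "__main__":
    for name, reasons in scan().items():
        print(name, "->", reasons or ["no indicators"])
```

A hit on any indicator is a reason to route the message to the fraud team rather than act on it; the similarity threshold is a tunable heuristic, not a guarantee.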
Assess Your Third Party Risk
When thinking about insider threats, taking a look at the security posture of the third parties who have access to your network, data, and facilities seems like a no-brainer. Think of a third party like one of your employees; they likely have the same access as employees – and sometimes even more. Still, organizations aren’t emphasizing their third parties’ security posture enough, as 32% of global organizations do not evaluate third party cybersecurity.
Not all third parties are created equal in the risk that they bring to your organization. Here are some questions you should be asking when evaluating third party risk:
- What level of access does your third party have to your systems and network?
- How sensitive is the information they can access?
- What kind of damage would be done if that information or system were exposed?
Once you have an idea of the type of data access and how much risk it brings to your organization, you can start to prioritize your third party security.
Addressing Risk from the Inside Out
Digital risk can originate anywhere, but more often than not it’s from those with insider access to your organization – whether third party or regular employee. Keeping the organization safe from cybercrime is the responsibility of each user, with the help of the enterprise. As cyber threats become more sophisticated, employees, executives, and even third parties need the right training and tools to stay current on the newest and prevailing cybersecurity threats. This knowledge will help them stay vigilant in their actions and understand how one accidental click could create a domino effect that could compromise your organization.
To learn more, contact us.