Insider Attacks: What Companies Can do to Protect Themselves

Insider Attacks: What Companies Can do to Protect Themselves on

Don’t make the mistake of assuming your organization isn’t susceptible to insider cyber-attacks

When most company officials think about cyber-attacks, they’re likely thinking of a rogue hacker infiltrating their network to steal important company data. While this can and does happen, it’s actually insider attacks that are far more dangerous and prevalent. If your company isn’t looking at internal threats with as much vigilance as external ones, then you may be setting yourself up for trouble.

What are insider attacks?

Insider attacks are any sort of cyber security issue that arises, maliciously or accidentally, by way of internal employees, trusted vendors and others who have internal access to systems and resources. These attacks can come in many forms, a few of which include:

  • Phishing – Think of this as a combination of external/internal threat. An employee inadvertently clicks on a link in an email, which could cause a virus or malware to be loaded onto a company network.
  • Theft – Internal employees stealing corporate data or credentials, which are then distributed for misuse.
  • Carelessness – There are countless instances where employees inadvertently send a file to the wrong email address or pass credentials or sensitive data over an unsecured connection. While these are honest mistakes, they can still have disastrous consequences.

According to a 2018 Cost of Insider Threats study from the Ponemon Institute, about 64% of 874 incidents that were reported could be attributed to insider negligence. Below are how the causes break down:

  • 598 of the 874 incidents were caused by employee or contractor negligence
  • 85 were caused through the use of stolen credentials
  • 191 were caused by malicious employees and hackers

What can be done to prevent insider attacks?

If you’re concerned that you may not be doing enough to prevent insider attacks within your company, there are several things you can do:

Pay attention to your employees

Do you have an employee who’s recently started coming into the office at odd hours or maybe an employee who’s started to take lengthy vacations? These examples of unusual behaviors could be signs that something may be awry with one of your workers.

Try to also keep an eye on the satisfaction of your employees. You want your employees to be happy in their jobs, both because they’re more likely to stay invested in your company and be less likely to act against the organization.

Perform background checks

Even if an employee comes with glowing recommendations from a former employer, perform some type of background check to ensure you’re not hiring someone with a checkered past. Smaller companies often skip this step because they’re worried about the expense, but today’s background checks don’t have to be costly.

Provide training for your employees

It’s critically important that your employees understand the very real dangers that exist in today’s connected economy. Be sure to communicate why certain security measures are in place and discuss any new threats that exist as well as threats that never seem to subside – like phishing, viruses, and malware. Training needs to be a continuous effort, not something that’s done once and forgotten about for months or even years.

Control user access

It’s important to regularly audit user accounts to ensure that your employees only have access to the data that they need to get their jobs done. As your company grows, tracking user access controls can become more difficult, but also more important.

To help control user access:

  • Encourage the use of complex passwords
  • Use two-factor authentication, which helps to prevent cyber-attacks. Most enterprise level SaaS tools offer support for two-factor authentication, so it’s wise to take advantage of this security.
  • Regularly review all permissions and have a procedure in place for revoking them immediately.

Need help monitoring for insider attacks?

Don’t fret if you or your IT team are feeling overwhelmed due to the risks of cyber-attacks, whether from external or internal sources. At CyberGuard360, we’ve helped countless organizations around the country buttress their network architecture to reduce the risk.

For more information on our cybersecurity solutions, don’t hesitate to call us at 844-315-9882 or get in touch through our online contact form.