CP
cyberpings
Threat IntelHIGH

Insider Threats - Rising Incidents and Consequences Explained

CSCSO Online
insider threatMimecastForrester ResearchAI securitydata breaches
🎯

Basically, insider threats are when people inside a company cause harm, either on purpose or by accident.

Quick Summary

Insider threats are on the rise, with 42% of organizations seeing more incidents. This trend is costly, averaging $13.1 million per incident. Companies must adapt their security measures to combat this growing risk.

What Happened

Insider threats are making headlines again, as organizations face a growing risk. According to the State of Human Risk Report by Mimecast, 42% of organizations have reported an increase in malicious insider incidents over the past year. Additionally, the same percentage noted a rise in negligent incidents for the first time. On average, organizations experience six insider-driven incidents each month, costing approximately $13.1 million per incident. This alarming trend highlights the urgent need for businesses to reassess their security protocols.

Who's Behind It

The report indicates that insider threats can be categorized into two main types: malicious insiders and negligent insiders. Malicious insiders intentionally act to harm the organization, while negligent insiders may inadvertently cause harm through careless actions. The Forrester Research survey revealed that 22% of data breaches in the past year resulted from internal incidents, with 47% attributed to malicious intent and 32% to inadvertent misuse. The evolving landscape of work, including remote arrangements and the rise of AI, has created new opportunities for both types of threats.

Tactics & Techniques

Modern insider threats are increasingly sophisticated. Today, insiders can include not just employees but also contractors and even AI agents. The shift to remote work has blurred the lines of accountability, making it easier for insiders to exfiltrate data without detection. Additionally, social media has become a tool for malicious actors to gather information and manipulate insiders. As Niel Harper, a strategic advisor, points out, social media provides a wealth of information that can be exploited by external threat actors to coerce insiders into compromising their organizations.

Defensive Measures

Organizations must adopt proactive measures to combat insider threats. This includes implementing advanced security technologies that can detect unusual behavior and unauthorized data access. It's also essential for security leaders to collaborate with HR and legal teams to identify potential insider threats, especially among employees facing layoffs or exhibiting disgruntled behavior. Regular background checks and continuous monitoring of employee activities can further mitigate risks associated with insider threats. As the threat landscape evolves, businesses must remain vigilant and adapt their security strategies accordingly.

🔒 Pro insight: The rise in insider threats underscores the need for organizations to enhance their behavioral monitoring and adaptive security controls.

Original article from

CSO Online

Read Full Article

Share

Related Pings

HIGHThreat Intel

Threat Intel - North Korean Fake IT Worker Nabbed Quickly

A North Korean fake IT worker was caught within 10 days of being hired. This incident highlights the risks of insider threats and the need for robust security practices. Organizations must enhance their hiring processes to prevent similar infiltrations in the future.

CSO Online·
HIGHThreat Intel

Threat Intel - Russian Hackers Target High-Value Users via Signal

Russian hackers are targeting Signal and similar messaging platforms, compromising thousands of accounts. This poses serious risks to sensitive communications, especially for government personnel and journalists. Users must remain vigilant against phishing attempts to protect their information.

Help Net Security·
HIGHThreat Intel

Threat Intel - Key Cybersecurity Updates from Last Week

Last week revealed key cybersecurity threats including state-sponsored attacks on iPhones and a rise in fake online shops. Stay alert to protect your data.

Malwarebytes Labs·
HIGHThreat Intel

Trivy Supply Chain Attack - What Happened and Impacts

A supply chain attack on Trivy led to malicious releases affecting many CI/CD workflows. Organizations using these tools must act quickly to secure their environments. Immediate updates and secret rotations are essential to mitigate risks.

Aqua Security Blog·
HIGHThreat Intel

Threat Intel - Russia-linked Actors Target WhatsApp and Signal

Russia-linked actors are targeting WhatsApp and Signal accounts of officials and journalists. This phishing campaign compromises sensitive communications, posing serious risks. Stay alert to protect your accounts from these threats.

Security Affairs·
HIGHThreat Intel

Trivy Supply Chain Attack - Key Insights and Implications

A major supply chain attack compromised Trivy, a popular security tool. Users must act quickly to secure their systems. This incident underscores vulnerabilities in trusted software.

Aqua Security Blog·