An insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. September is National Insider Threat Awareness Month, and organizations should take this time as a reminder to fortify their risk mitigation strategies.
Patrick Harr, CEO of SlashNext, shared his insights on what makes insider threats so dangerous and what organizations can do to defend themselves:
“When we think of insider threats, it’s important to remember we’re not just talking about disgruntled employees. Malicious intent is not required to constitute an insider threat. Even well-meaning employees, contractors and partners equipped with tools and training on cybersecurity risks can be a danger. This is because humans are not infallible. We can be lured into providing personal information, credentials or installing malicious apps that can undermine even the most sophisticated cybersecurity defenses. Social engineering phishing scams continue to be a serious problem for organizations because they target the weakest part of the organization – your “insiders,” or humans. These attacks are moving to SMS, collaboration tools, and social. We have seen an increase in requests for SMS and messaging protection as business text compromise, like its cousin business email compromise, is becoming a growing problem for an organization to detect and block. For the cybercriminal, it’s much more straightforward to launch an attack against a human because personal targeting, automation, and the availability of free legitimate domains have increased the speed and success of their attacks.
“Of course, employee education and training on cybersecurity risks should continue, but it’s important to keep the curriculum up to date with the current threat landscape – for example the use of legitimate, trusted services to launch attacks. In August 2021, 12% of all malicious URLs identified by SlashNext Threat Labs were from legitimate cloud hosting infrastructure, and preliminary data for 2022 shows this trend is increasing rapidly. While sophisticated phishing coming from trusted services is very hard for humans to identify, training that serves to enhance users’ analytical skills is critical for phishing that makes it through security defenses. A good training program combined with AI-powered behavioral learning technology is a combination to stop phishing – a common source of insider threats – from impacting your organization.”