INSIDERS COULD BE YOUR COMPANY’S BIGGEST CYBERSECURITY RISK (STILL)

(Updated: June 24, 2024)

THE OUTSIDE THREAT IS GROWING  

The sophistication and number of successful global cyberattacks continue to rise. According to the Ponemon Institute’s 2023 study, the average cost of a data breach has reached $4.45 million. Cyber threats are evolving, and businesses of all sizes, from small local businesses to Fortune 500 companies, are vulnerable.

With over 7,000 cybersecurity products on the market generating an estimated $150 billion annually, finding the right solution is increasingly challenging as the number and types of threats continue to grow. Companies often resort to a DIY approach, piecing together various tools to protect critical systems and data from exploitation.

However, insiders—those within your organization—are frequently the toughest threat to defend against and potentially your company’s biggest cybersecurity risk.

WHAT IS AN INSIDER?  

Brookey Company Insider Threat (002).jpg

Insiders include current or former employees, contractors, temporary freelancers, third-party business partners, and other vendors with access to your networks, systems, and data. For discussion purposes, we will focus on the most likely threats: Malicious Insiders and Negligent Insiders, excluding Compromised Users. 

Malicious Insiders engage in intellectual property and data theft, system sabotage, or fraud. Threats from malicious insiders are often associated with departing or former employees or contractors. In some cases, malicious insiders use their access to systems and data for illicit purposes without any intention to leave the organization.

Negligent Insiders are careless with their actions, unintentionally causing as much or more harm than malicious insiders. These insiders often open phishing email attachments, click on malicious URLs, and inadvertently install malware or ransomware on their computers.

CYBERATTACKS USING PHISHING TACTICS ARE TRENDING UP  

In 2023, phishing attacks saw a significant increase, with phishing emails being the primary method of malware delivery method. Email remains the top attack vector, but web applications and social media are also becoming prominent sources of phishing threats. According to the 2023 Verizon Data Breach Investigations Report, 91% of cyberattacks and the resulting data breaches begin with a spear phishing email. Even the best tools are no match against negligent insiders who open phishing email attachments or visit compromised websites.

SOCIAL MEDIA PHISHING TACTICS ARE EVOLVING  

Insiders visiting social media sites present another cyber risk to your company. Links from social media platforms can be as malicious as phishing emails. For instance, in 2023, a U.S. Department of Defense employee fell prey to a phishing scheme on X (formerly Twitter), promising a free vacation. With X's 280-character limit (for regular accounts, as of March 2024), and shortened links, the probability of someone clicking on malicious links increases significantly. Similarly, Facebook messages can contain phishing attempts to extract personal account data, potentially compromising company accounts. LinkedIn, with over 500 million users, is another platform where bad actors use InMail for tailored phishing schemes, exploiting negligent insiders.

WHAT YOUR COMPANY CAN DO TO ADDRESS INSIDER THREATS - TODAY 

We recommend your company consider the following steps as countermeasures to protect against potential insider threats.    

  • Promote Cybersecurity Awareness: Ensure that the Executive Leadership team frequently communicates that protecting the company’s information assets is everyone’s responsibility, not just the IT department's. Deploy Behavior-Based Anomaly Detection: Implement processes and tools to detect suspicious access patterns and other unusual activities within your network and systems.   

  • Enforce Separation of Duties: Implement and strictly enforce policies surrounding the separation of duties to minimize opportunities for unauthorized access to information assets. 

  • Increase Workforce Cybersecurity Training: Move beyond annual training. Regularly communicate “Cybersecurity Tips” via company channels and keep your organization aware of current threats to reduce negligence.   

  • Gamify Cybersecurity Training: Engage insiders through gamification to encourage the correct behaviors and reduce careless mistakes.   

  • Conduct Cybersecurity Business Risk Assessments: Perform these assessments at least semiannually to measure the effectiveness of your company’s cybersecurity risk management efforts.

  • Run Tabletop Practice Breach Simulations: Prepare for when (not if) your company experiences a breach. Assign roles throughout the organization to improve incident response and raise awareness.

Conclusion

Insider threats are an ongoing challenge for businesses. By understanding the different types of insider threats and implementing proactive measures, organizations can significantly reduce the risk and impact of insider-related cybersecurity incidents. The increasing sophistication of phishing and social media attacks requires constant vigilance and updated strategies to protect valuable company data and systems.

Partner with a Global Leader in Managed Detection & Response (MDR) and Compliant Cloud Solutions

Brookey & Company partners with global leaders in Managed Detection & Response (MDR) and compliant cloud solutions to provide comprehensive cybersecurity services. Together, we offer advanced protection against insider threats and other cybersecurity challenges. Contact us today at info@brookeyco.com or call us at 858.568.7788 to enhance your cybersecurity strategy and safeguard your organization's assets.

© Brookey & Company, Inc. Unauthorized reuse—including by automated systems—is prohibited under applicable copyright law. Monitoring and enforcement in place.