It is now becoming ever so ordinary to hear about a new cyberattack affecting businesses nationally and globally on a regular basis. And when we hear about these attacks, we are quick to assume that some foreign entities are behind these attacks. However, the matter of fact is that often it is an insider’s act.
According to the IBM X-Force® Research 2016 Cyber Security Intelligence Index IBM reported that 60% of the attacks were carried out by insiders. This is a big number that should raise alarm across corporates. Involved insiders can either be intentionally conducting these malicious activities or are simply falling for traps laid by cyber-attackers in form of phishing or ransomware. Unsurprisingly though the report found that health care, manufacturing, and financial services industry are prone to attacks, primarily due to the nature of their business. The intellectual property, huge financial assets inventory and privacy data add heavily to the reason behind attacks for these identified industries.
Some common reasons for insiders to be involved in cyber security breaches are:
Lack of training: No matter how much we hear about ongoing cyberattacks, it is of paramount importance for companies to educate their workforce. Most cyberattacks happen because attackers are able to breach cybersecurity walls of a business either because an employee clicked on a malicious link or opened a file that they shouldn’t have.
Personal agenda: Sometimes people act a certain way simply because of greed or put of vengeance. They may take benefit of any cybersecurity vulnerability that either they may have noticed or even develop on if they have the means and knowledge.
Password breach: Sharing password with outsiders can be dangerous and when this rule is not followed then it can lead to severe consequences.
It is difficult when an insider intentionally or not is involved in cyberattack. Businesses must take action to protect themselves against such attempts. Here are a few best practices to follow to limit the risk of an insiders’ involvement in cyberattacks:
Training – A proper cybersecurity training program has to be in place to train each and every employee at every level of company. Train the employees through an interactive program, conduct tests, certify and then take random assessment to ensure proper security protocols are maintained.
Workforce management – Management should be vigilant in ascertaining each individuals’ cyber behavior and take appropriate actions in case of any suspicions. If an employee is terminated then proper measures should be taken to ensure that the employee do not have access to any sensitive data.
Technology – Use tools to keep a track of the cyber security measures in place. Regularly access the infrastructure to ascertain if there are any vulnerabilities and then immediately follow protocols to limit the risks.