Cyber Security advice

{tag_name} | Avatu

6 ways of dealing with insider threats and keep your enemies close, but your friends even closer

Marie Spanswick - Thursday, October 26, 2017

Our CEO Joe Jouhal told business leaders in the New Statesman that human frailties mean you shouldn’t rely on anyone completely when it comes to datasecurity, especially the people closest to you.

If Teresa May knows anything, she knows it’s beneficial to keep her enemies close but her “friends” closer. Since the snap election in June, her main threat hasn’t come from Jeremy Corbyn or the Labour Party. Her biggest risk has been closer to home. She’s known for a long time if Boris Johnson – and others from the cabinet or the backbenches – were to turn renegade, her authority would soon fade away.

When it comes to the security of an organisation, it is imperative you protect yourself from your potential enemies on the outside who might try to attack you, lock up your files or steal your valuable data.

However, your biggest assets are also your biggest risk: your employees, your contractors, your partners. In every organisation, absolutely every organisation, people can change their allegiance and loyal people can make mistakes or try to cut corners.

Indeed, according to the Verizon Data Breach Incident report, 90% of security incidents are caused by insiders. And of these, 29% are done deliberately by people with malicious intent but 71% are from mistakes, where humans have simply cocked up or have been manipulated.

But even if there’s no big bad monster – no Edward Snowden with WikiLeaks on speed dial waiting to share your secrets; no disgruntled employee ready to give your customers’ sensitive data to the highest bidder on the Dark Web, or share your IP with your biggest competitor, you will have people within your organisations that make mistakes. Because you employ humans you will have people who are tempted to click on phishing links, containing malware or ransomware, that infect your systems and disrupt your business.

You will have people who fall for the ploy of opening attachments identified as overdue “invoices” that the boss has asked them to pay. Those that intend to do you harm are using social engineering techniques to take advantage of people’s natural instincts.

You will have people who try to do things outside of policy or protocol and send out unprotected sensitive data to other people, or to the wrong people (to the wrong John Smith for example).

You will have people who put your security at risk, and not because they are rogue or self-serving, but just misguided or misinformed.

The savviest of leaders and security professionals, however, employ technology to compensate for the frailties of the humans they have working for them.

If you take your business seriously – and we assume you do because you’re reading this – you have to take insider threats seriously and invest appropriately too.

Your enemies may be plotting against you but your friends are the ones who will inadvertently help them or just make genuine mistakes. A healthy dose of scepticism and some innovative technologies could just save you from your friends' good intentions, and from yourself.

Six places where technology can make up for malicious intent and human frailties:

1. It deals with email attachments properly – Email can be a real headache for security teams. It’s a constant source of malware dressed up in a way that insiders let in. It is easy, however, with innovative technology to plug this whole area – and still have access to legitimate documents in a way you can use them properly (where you can keep Excel or Word files, for example, as Excel and Word files, and you don’t need to turn them into unworkable PDFs).

2. It only gives people access to the information they need for their job – It seems simple but you’d be surprised how many organisations still allow too much access to too many people. Simple technology can sort this out and seriously limit your insider risk.

3. It protects data at source - If you protect your IP or other files at source with special software, you can pull the plug remotely if it gets stolen or shared by mistake and it will no longer be accessible to anyone that’s not authorised to see it.

4. It reinforces security training – Security training is essential for all organisations, but like most training, as soon people leave the training room it starts to be forgotten, unless it becomes every day practice. Technology can remind people what they should be doing and continues to educate them if they err from the safe path you’ve set.

5. It can monitor what people are doing – Even trustworthy employees, vendors and consultants need to be monitored to make sure they don’t unintentionally – or on purpose – do things that will harm your business. Technology can alert employees in real time of potentially harmful actions and policy violations, and change their behaviour. It can alert security and IT teams of potentially harmful actions and it can maintain irrefutable logs and video recordings to support investigations.

6. It can introduce a robust last line of defence – We all know that traditional perimeter methods will only protect organisations and their information so far. When you are making up for the failings of your people, you can also make up for the failings of your perimeter defences with more sophisticated technology, which detected every threat thrown at it during the rigorous NSS Labs Breach Detection Systems test, without generating any false positives.

This advice first appeared in the New Statesman.  Click here to see more.

For more information, you can email: cybersecurity@avatu.co.uk or phone: 01296 621121

 

‹ Go Back

Sign up to receive our updates

Protect your reputation with knowledge. Organisations can stay on the front foot with the latest news & developments. Sign up now to stay in touch & ahead of the game. You can find out more on Twitter & LinkedIn too.​

Please complete the letter in the box below (to help us filter out spam)

Captcha Image

Privacy and cookies | Conditions of use

© Avatu Ltd. The content on this website is owned by us and our licensors. Do not copy any content (including images) without our consent.