Over 60% of all data breaches are caused by someone on the inside. Insider threats range from an innocent mistake of falling for a phishing email to a malicious act carried out by a disgruntled employee (present or past).
Regardless of the cause, an insider incident can often be traced back to a gap in physical security practices.
Critical infrastructure and high-value systems need multiple layers of access control to protect sensitive information. Consider adding redundant controls such as biometric scanners alongside measures like key cards, and regularly review and limit which employees in the organization have access to essential systems.
Training employees to identify suspected phishing emails has become a fairly common best practice in companies, but what happens when this proactive measure fails? IT response teams need immediate notification to act efficiently and with purpose when a phishing attack succeeds. Employees need to know that it is always OK to ask for advice if they are unsure about an email and, importantly, whom to call to report suspicious emails or links they have clicked on that may be fraudulent.
The interconnection between Security and Human Resources is essential when addressing insider threats from disgruntled employees. HR teams are often the first to be made aware of potential red flags in employee behavior. Conversely, Security may pick up negative chatter from a discharged employee through its social media monitoring program. Establish regular collaboration between these areas of the organization to reduce the impact this type of insider threat can have on the company and its employees.
The wide spectrum of insider threats makes it crucial to address internal vulnerabilities with the same diligence that is applied to external risks.