When decision-makers hear the term “cybersecurity incident,” they usually imagine a hoodie-wearing hacker in a dark basement hacking into an important server using sophisticated methods that explore yet undiscovered vulnerabilities.
In reality, most cybersecurity incidents are caused by malicious and negligent insiders. What’s especially alarming is that insider threats increased by 47 percent between 2018 and 2020, and their average cost is now around $11.45 million annually.
To avoid insider threats, you must first understand their origin. Here are three common ways employees can compromise security and cause a costly data breach.
1. Intentional Abuse of Legitimate Credentials
Back in the day, when a disgruntled employee decided to seek revenge, they would slash their boss’s tires or steal something valuable from the office. Today, employees who understand what hurts modern organizations often abuse legitimate credentials to obtain sensitive data, which they then leak online or sell on the dark web.
Cybersecurity professionals refer to such employees as “turncloaks” and warn about their deep familiarity with their organizations’ security policies and procedures. This familiarity gives them a dangerous advantage compared to attackers coming from outside, making it much more difficult for organizations to protect themselves.
The most reliable indicator of a malicious employee abusing their credentials is anomalous activity at the network level, especially when detected at unusual times, such as when employees should be at home and not working. Anomalous activity can be detected using network traffic monitoring tools, which can also be used to identify and drill down to the root cause of specific network issues, making them an excellent investment.
2. Unsafe Web Browsing and Downloading
Depending on which study you read, you’ll learn that employees spend between one and three hours a day surfing the web on personal business at work. Putting aside the productivity implications of such studies, personal web browsing and downloading is a significant threat because cybercriminals use compromised websites to distribute malware.
To minimize the potential negative consequences of web browsing and downloading, educating employees about the threats they may encounter online regularly is crucial. You should also place policies that strictly prohibit the most dangerous types of online content, such as warez websites and pornography.
However, no matter how much training your employees receive and how much time you spend crafting well-thought-out policies, your employees will still find ways to go online for personal reasons. That’s why all workstations should be equipped with practical anti-malware tools and blocked from accessing sites that are deemed inappropriate or dangerous.
3. Poor Password Practices
Not much has changed since Verizon published its 2019 Data Breach Investigations Report (DBIR), and passwords are responsible for around 80 percent of data breaches. Why? Because employees make many critical password management mistakes, and organizations often encourage outdated password management practices that can’t achieve the desired result.
Some of the most significant password management mistakes employees make stem from the indisputable fact that humans are wired to be lazy and take shortcuts when they don’t see any imminent negative consequences. For example, employees can often use post-it notes to store rarely-used passwords or ask their colleagues to share their credentials via email.
What certainly doesn’t help is that many organizations indirectly encourage poor password practices by requiring their employees to, for example, change their passwords at regular intervals or create passwords that are virtually impossible to remember.
According to the latest NIST password requirements, password length is more important than password complexity, making easy-to-remember passphrases like “threegreenmenweresittingattherestaurant” are better than complex passwords like “K5%#x7NvEU%WSi.” The National Institute of Standards and Technology also advises against periodic password resets and encourages all organizations to use multi-factor authentication to secure any online personal information.
Ensure Employees Don’t Compromise Your Security
Mitigating the risks posed by employees is no easy challenge, and solving it is possible only by making cybersecurity an integral part of your business culture.
All employees should share similar knowledge and attitude regarding protecting sensitive information and be equipped with practical tools to help them avoid malware and adhere to cybersecurity best practices.
For more information on how you can ensure that your employees don’t compromise your security, please get in touch with us at Aligned Technology Solutions today.