When decision-makers hear the term “cybersecurity incident,” they usually imagine a hoodie-wearing hacker in a dark basement breaking into an important server with sophisticated methods that exploit yet-undiscovered vulnerabilities.
In reality, most cybersecurity incidents are caused by insiders—both malicious and negligent. What’s especially alarming is that insider threats have increased by 47 percent between 2018 and 2020, and their average cost is now around $11.45 million per year.
To avoid insider threats, you must first understand their origin. Here are three common ways employees can compromise your security and cause a costly data breach.
1. Intentional Abuse of Legitimate Credentials
Back in the day, when a disgruntled employee decided to seek revenge, they would slash their boss’s tires or steal something valuable from the office. Today, employees who understand what really hurts modern organizations often abuse legitimate credentials to obtain sensitive data, which they then leak online or sell on the dark web.
Cybersecurity professionals refer to such employees as “turncloaks,” and warn about their deep familiarity with the security policies and procedures of the organizations they work for. This familiarity gives them a dangerous advantage compared with attackers coming from outside and makes it that much more difficult for organizations to protect themselves.
The most reliable indicator of a malicious employee abusing their credentials is anomalous activity at the network level, especially when detected at unusual times, such as when employees should be at home and not working. Anomalous activity can be detected using network traffic monitoring tools, which can also be used to identify and drill down to the root cause of specific network issues, making them a great investment.
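The off-hours and volume signals described above, as an added example that is not part of the original article: it parses a constructed connection log and flags sessions outside an assumed business window (07:00 to 20:00 local) or moving more than ten times the user's own median outbound volume.

```python
"""Off-hours / volume-spike triage over a constructed connection log.
Added example; the log lines, business hours and spike factor are assumptions."""
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample log, one session per line: "timestamp,user,dest_host,bytes_out"
SAMPLE_LOG = """\
2024-03-04T09:12:00,alice,fileserver01,120000
2024-03-04T13:40:00,alice,fileserver01,98000
2024-03-05T10:05:00,alice,crm01,150000
2024-03-05T16:30:00,alice,fileserver01,110000
2024-03-06T02:47:00,alice,fileserver01,9800000
2024-03-04T08:55:00,bob,crm01,40000
2024-03-05T09:10:00,bob,crm01,52000
2024-03-06T17:58:00,bob,crm01,47000
"""

WORK_START, WORK_END = 7, 20  # assumed business hours, local time, 24h clock
SPIKE_FACTOR = 10             # outbound bytes above 10x the user's median is a spike

def parse_log(text):
    """Turn the CSV-style lines into dicts with a real datetime and int byte count."""
    rows = []
    for line in text.strip().splitlines():
        ts, user, host, nbytes = line.split(",")
        rows.append({"ts": datetime.fromisoformat(ts), "user": user,
                     "host": host, "bytes": int(nbytes)})
    return rows

def find_anomalies(rows):
    """Return (user, timestamp, reasons) for each session that is outside
    business hours or far above that user's own median outbound volume.
    A per-user median baseline is used because a single large transfer would
    drag a mean-based baseline upward and hide itself."""
    per_user = defaultdict(list)
    for r in rows:
        per_user[r["user"]].append(r)
    findings = []
    for user, sessions in per_user.items():
        baseline = median(s["bytes"] for s in sessions)
        for s in sessions:
            reasons = []
            if not WORK_START <= s["ts"].hour < WORK_END:
                reasons.append("off-hours")
            if s["bytes"] > SPIKE_FACTOR * baseline:
                reasons.append("volume-spike")
            if reasons:
                findings.append((user, s["ts"].isoformat(), reasons))
    return findings
```

In the constructed log only alice's 02:47 session trips both rules; a real deployment would feed the same logic from a flow collector or proxy log rather than an inline string.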
2. Unsafe Web Browsing and Downloading
Depending on which study you read, you’ll learn that employees spend between one and three hours a day surfing the web on personal business at work. Putting aside the productivity implications of such studies, personal web browsing and downloading is a major threat because cybercriminals use compromised websites to distribute malware.
To minimize the potential negative consequences of web browsing and downloading, it’s important to regularly educate employees about the threats they may encounter online. You should also put in place policies that strictly prohibit the most dangerous types of online content, such as warez websites and pornography.
However, no matter how much training your employees receive and how much time you spend crafting well-thought-out policies, your employees will still find ways to go online for personal reasons. That’s why all workstations should be equipped with effective anti-malware tools and blocked from accessing sites that are determined to be inappropriate or dangerous.
3. Poor Password Practices
Not much has changed since Verizon published its 2019 Data Breach Investigations Report (DBIR), and passwords are still responsible for around 80 percent of data breaches. Why? Because employees make a lot of critical password management mistakes, and because organizations often encourage outdated password management practices that can’t possibly achieve the desired result.
Some of the biggest password management mistakes employees make stem from the indisputable fact that human beings are wired to be lazy and take shortcuts when they don’t see any imminent negative consequences for their actions. For example, employees can often be found using post-it notes to store rarely used passwords or asking their colleagues to share their credentials with them via email.
What certainly doesn’t help is that many organizations indirectly encourage poor password practices by requiring their employees to, for example, change their passwords at regular intervals or create passwords that are virtually impossible to remember.
According to the latest NIST password requirements, password length is more important than password complexity, making easy-to-remember passphrases like “threegreenmenweresittingattherestaurant” better than complex passwords like “K5%#x7NvEU%WSi.” The National Institute of Standards and Technology also advises against periodic password resets and encourages all organizations to use multi-factor authentication for securing any personal information available online.
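A verifier-side password check in the spirit of the NIST guidance just described, as an added example that is not part of the original article: it enforces a minimum length, a generous maximum, and a breached-password blocklist, with no character-class rules and no expiry. The length limits and the small blocklist are assumptions for illustration.

```python
"""NIST-style password acceptance check: length and a blocklist decide;
no composition rules, no forced rotation. Added example, not the article's code."""
import re

MIN_LEN, MAX_LEN = 8, 64  # assumed limits; NIST requires at least 8, allows at least 64

# Constructed stand-in for a breached-password corpus; a real deployment would
# query a large list (for example a downloaded breach corpus) instead.
BLOCKLIST = {"password", "123456", "qwerty", "letmein", "welcome1"}

def _is_sequential(s):
    """True when every character is exactly one code point after the previous one."""
    return all(ord(b) - ord(a) == 1 for a, b in zip(s, s[1:]))

def check_password(candidate):
    """Return (accepted, reason). Only checks NIST keeps for a verifier:
    minimum and maximum length, a blocklist of known-weak choices, and
    obviously repetitive or sequential strings. Both of the article's
    examples pass, because complexity rules are deliberately absent."""
    if len(candidate) < MIN_LEN:
        return False, "shorter than %d characters" % MIN_LEN
    if len(candidate) > MAX_LEN:
        return False, "longer than %d characters" % MAX_LEN
    lowered = candidate.lower()
    if lowered in BLOCKLIST:
        return False, "appears in breached-password blocklist"
    if re.fullmatch(r"(.)\1*", candidate):
        return False, "single repeated character"
    if _is_sequential(lowered):
        return False, "sequential characters"
    return True, "ok"
```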
Ensure Employees Don’t Compromise Your Security
Mitigating the risks posed by employees is no easy challenge, and solving it is possible only by making cybersecurity an integral part of your business culture.
All employees should share similar knowledge and attitude regarding the protection of sensitive information and be equipped with effective tools to help them avoid malware and adhere to cybersecurity best practices.
For more information on how you can ensure that your employees don’t compromise your security, please get in touch with us at Aligned Technology Solutions today.