In the past 3 months, all of us have been overwhelmed by the coronavirus as it now affects the whole world. We have encountered unprecedented problems, shortages and uncertainty because of the pathogen. This is where insecurity comes in: an epidemic of insecurity. Many psychologists are offering help to ease this kind of insecurity. For us, as cybersecurity practitioners, the best cure for insecurity is to face the truth and understand the root problem. Only by understanding our weaknesses and vulnerabilities in cybersecurity can we start measuring the risks and mitigating them. To put it simply, we cannot protect what we cannot see.
At Hoplite Technology, we are here to get ourselves prepared for the next cybersecurity threat. Apart from paying attention to the defence system, we look at the human factor. In cybersecurity there is a cliché saying: “your company’s cybersecurity is only as strong as its weakest link”. No matter how strong your defence system is, attackers are always looking for the weakest point at which to break into your system. Sadly, employees and other insiders are often that weakest point. If you would like to quantify the cost of insider threats, the Ponemon Institute 2018 Cost of Insider Threats: Global Study shows that when an incident involved a negligent employee or contractor, companies spent an average of US$283,281. More seriously, these incidents are not resolved quickly. The study revealed that it took companies more than two months on average to contain an insider incident. Only 16% of incidents were contained in less than 30 days.
According to the Verizon Insider Threat Report, which draws on the 2018 Verizon Data Breach Investigations Report (DBIR), there are five types of insider threat actors:
1. Careless Worker (misusing assets)
Employees or partners who misappropriate resources, break acceptable use policies, mishandle data, install unauthorized applications and use unapproved workarounds; their actions are inappropriate as opposed to malicious.
2. Inside Agent (stealing information on behalf of outsiders)
Insiders recruited, solicited or bribed by external parties to exfiltrate data.
3. Disgruntled Employee (destroying property)
Insiders who seek to harm their organization via destruction of data or disruption of business activity.
4. Malicious Insider (stealing information for personal gain)
Actors with access to corporate assets who use existing privileges to access information for personal gain.
5. Feckless Third Party (compromising security)
Business partners who compromise security through negligence, misuse, or malicious access to or use of an asset.
Only by seeing the threats that lie in front of us can we formulate a way to tackle them.
In order to minimize the cost of insider threats, senior management has started to recognize the problem and invest more in staff security awareness training. Such training is delivered in different formats, such as classroom seminars, web-based courses, or discussion-based sessions.
The purpose of an effective security awareness program should be to create a change in behaviour, rather than just to educate staff about what the desired behaviour should be. In our upcoming blogs, we will talk about how our mindfulness cybersecurity program can strengthen employees’ cybersecurity mindset.