One of the most difficult things to do in business is to imagine a scenario in which someone you trust puts your organization at risk. We focus so much on the external threats that the internal ones often go unnoticed. How can you make sure that your organization does not fall victim to the several different types of insider threats out there? Let’s take a look.
Insider threats are more difficult to identify due to the fact that identifying them means figuring out which network activity is acceptable and which activity is not. Gartner identifies four types of insider threats, many of which don’t necessarily have malicious intent. In fact, some are just byproducts of gross negligence for network security and rules. Here are the different types of insider threats and why they are so dangerous.
Gartner identifies this category as the “pawn,” or those who are tricked into becoming complicit with a hacker’s desires through the use of social engineering or phishing schemes. In this case, the insider threat is unaware that they are being taken advantage of by the hacker.
There are some insider threats who cooperate with third parties to disclose sensitive information or trade secrets. This type of threat, called the “collaborator,” is dangerous in that they can leak important information with the express intention of harming your business for their own personal gain.
Some folks just don’t take security seriously, a mindset that leads them to make mistakes while trying to avoid adhering to company policy. These workers are placed in the “goof” category, or those who let their arrogance and negligence lead them to make mistakes. Goofs might make choices that benefit themselves at the expense of the network’s security.
While many insider threats do emerge in part due to the efforts of others, there are some who simply act on their own. These threats are called “lone wolf” insiders, and they are especially dangerous if they have high-level access to sensitive information. While their reasons for acting may vary, this does not excuse their behavior, as they are actively working against the organization they are a part of.
i-medIT wants to help your business protect itself from all types of threats, be they insiders or external. To learn more about how we can secure your business, reach out to us at 630-549-6199.
Comments