The greatest threat to your organisation isn’t necessarily a sophisticated cyber criminal located in Russia or China –it could be someone sitting down the hall from you. In fact, insider threats are among the most dangerous cyber threats today.
However, businesses are often reluctant or negligent when it comes to combatting them, with many having no response plan to cover insider risks, or having no understanding of how effectively their security solutions mitigate them.
Insider threats fit into three broad categories.
Firstly, careless or negligent employees or third-party contractors who unintentionally give an attacker access to the business network.
Next, the criminal or malicious insider is one who abuses his or her privileged access to the business network to steal or exfiltrate proprietary or sensitve data for monetary gain orrevenge.
The third kind are credential thieves who pose as a member of staff or a contractor to gain access to valuable data and then compromise the data for monetary gain.
Insider threats can cause significant damage – valuable customer data, trade secrets and more could be exposed following a breach. Downtime following a breach could affect the organisation too, in more ways than one. Establishing the details of the incident and then containing the damage can take time and drain resources.
A malicious actor could also cause damage to physical or digital equipment, systems or applications, or even alter or delete valuable data. Moreover, reputational damage and loss of customer confidence is unavoidable. Finally, with increasingly stringent data protection regulations in place, any security incident could result in huge legal costs and regulatory fines.
The question is, what are the steps businesses can take to fight this threat?
Nick Maxwell, GM, UK/MEA at Ava Security, will be presenting on “Combating the insider threat: when you start trusting your technology, you can grow the trust in your employees”, at the ITWeb Security Summit 2021, to be held as a virtual event from 1 to 3 June.
Maxwell is a cyber security and networking industry professional with a passion for learning, working and creating a better understanding of the concerns and needs of clients and partners, across several regions in a variety of verticals. He has over 13 years’ experience in the technology industry and has worked for multinational, leading technology companies.
During his presentation, he will unpack how the pandemic has illuminated the threat of unprotected remote workers, how the insider threat has evolved due to the remote workforce, and what controls can be put in place to mitigate the risk of malicious, negligent or accidental incidents caused by insiders.
He will also discuss the impact of ‘cyber fatigue’ and stress or anxiety on the insider threat risk and what can be done to deal with this, and will talk about how to create a high-trust culture by empowering employees with incident-based training in real time.
ITWeb Security Summit 2021: 1-3 June
Book your seat now to get up to speed on cyber security trends, solutions and best practices – all without leaving your home or office. The event will feature more than 50 speakers, including seven international keynotes, who will be sharing their knowledge and expert opinions with you. Early bird registration closes on 7 May.
Share