2018 Cyber Security Trends – The Rise and Risks of Insider Threats

Cyber security threats from external attackers are a constant worry for all organizations, as evidence by the many recent, headline-grabbing Ransomware data breaches such as WannaCry, Petya, Bad Rabbit.

However, today’s most damaging cyber security threats are not just originating from malicious outsiders or malware, but from insider threats. In fact, according to the 2018 Insider Threat Report by Cybersecurity Insiders, two-thirds of organizations (66%) consider malicious insider attacks or accidental breaches more likely than external attacks!

The trusted insider roams freely within the walls of your network with little oversight or accountability. Protected data and intellectual property lie within a keystroke of anyone with access, putting your organization at risk, every second of every day. The main problem here is that most companies simply have TOO MANY over-privileged users, meaning users that have more permissions than they need to do their job.

Insider threats come in many shapes and sizes. Maybe you are dealing with an intentionally malicious employee like our fictional character “Disgruntled Dan”.

Or many times, the most common insider threats result from accidental human error. Some privileged user makes a change (often, by accident) that causes issues or opens security gaps. Downstream this can lead to bad things like data loss or compliance risk. We call this use case “Careless Craig”.

Both characters are featured in our latest Hank the Hacker video.