The dangers within: Understanding insider threats

Not all cyber security threats come from the outside. Let’s explore insider threats – the motivations behind them, potential actors, primary targets, consequences and more.

Insider threat dangers
Posted on: March 2nd, 2021 onPlatinum

2020 witnessed an unprecedented onslaught of cyber security threats worldwide, as the global workforce underwent a forced transition to remote working. However, not all cyber security threats come from the outside. In a study conducted by Bitglass, 61% of businesses reported at least one insider-related cyber security incident in the last year. This could be anything from negligent employees who lack cyber training, to rogue employees who facilitate a breach for personal gain.

Considering the increasing frequency of insider threats and the severity of data breaches resulting from them, it goes without saying that all organisations need to take proactive steps to combat this serious security risk.

Before taking any preventative security measures, it is necessary to understand who causes these risks and why. In this blog, we’ll discuss all aspects of insider threats, including the motivations behind them, potential actors, primary targets, consequences and more.

Actors behind insider threats

Anyone with access to critical information can pose a potential insider threat if the information is unknowingly or maliciously misused, resulting in a data breach. Businesses need to identify these actors if they want to curb insider threats effectively.

Insider threat types can be classified as follows:

  • Negligent insiders – This may include careless executives or employees with access to privileged information. These insiders don’t have any motivation – money or otherwise. They are simply careless in their actions or may have fallen victim to a scam. For example, an employee clicking one phishing link could be enough to compromise the entire network.
  • Malicious insiders – These are insiders who intentionally abuse their credentials for personal gain. These actors have an advantage over external attackers since they have access to privileged information and are aware of the security loopholes. They may be motivated by monetary gain or may have a personal vendetta against the company.
  • Contractors or vendors – Sometimes, even third-party vendors and contractors who have temporary access to an organisation’s IT network can cause a data breach. The motivation in this case could also be money or vengeance.

Motivations behind malicious insider threats

Malicious insiders are usually motivated by one or more of the following reasons:

  • Money or greed – Most cases of non-negligent insider threats are motivated by money and personal financial gain. A greedy insider with access to restricted information is most often the culprit in this case.
  • Revenge – Another familiar reason for insider threats involves revenge. Disgruntled employees, who believe they have been wronged by the company they once worked for, are usually behind this type of threat. In August 2020, a disgruntled former employee of Cisco deleted hundreds of virtual machines and caused about $1.4 million in damages to the company.
  • Espionage – Many large organisations across the world have been victims of economic espionage from competing firms. This is mainly done to gain a competitive advantage in the market.
  • Strategic advantage – Intellectual property theft against large corporations is often a result of trying to gain a strategic advantage in the market. Korean smartphone giant Samsung became a victim recently when its supplier stole its blueprint for bendable screen technology.
  • Political or ideological – There have been many documented cases of insider threats motivated by political or ideological factors. These cases often concern national pride or revenge against another nation for the attack.

Why insider threats are dangerous

Insider threats often have a massive impact on your data, primary assets and your bottom line. On top of it all, these threats are often hard to detect and contain. A study by the Ponemon Institute estimates that it takes 77 days on average to contain insider threats once detected.

  • Targets primary assets: Insider threats often target the primary assets of an organisation, including proprietary information, product information, business plans, company funds, IT systems and more.
  • Results in huge costs: The same study by the Ponemon Institute estimated that the average cost of insider threats has increased 31% to $11.45 million in the last two years. These costs include downtime losses, loss of business transactions, loss of business opportunities and more.

Don’t wait to protect your business

Although the consequences of insider threats may be disastrous, you don’t have to face this problem alone. If you are wondering how you can mitigate these threats and prevent losses, we’ve got you covered. Reach out to us today to understand the different ways by which you can build a resilient cyber security posture.

Data Sources:

  • Bitglass 2020 Insider Threat Report
  • IBM Cost of Insider Threats: Global Report 2020

Don’t wait to protect your business from the dangers within – get in touch today!

Back to all blog posts

What our clients say

Image is not available

Condev Construction pride ourselves on quality construction and building lasting relationships. When considering a new ICT company, we looked beyond IT. We deliberately build long term partnerships with companies that share our corporate culture and ethos. Not only are onPlatinum leading the way with innovative technology and strategic business solutions they are the right business partner for Condev, and we are excited to be working together on many projects that fall outside of the ‘traditional’ ICT arena.

Glenn Cream, Director of Business, Systems and Compliance, Condev Construction.
Image is not available

As a client since 2013, onPlatinum look after our business fibre internet, call centre phone systems, cloud and office printers. From service, sales and accounts all departments are easy and hassle free to deal with. We would have no hesitation recommending them other businesses who value service and effective IT. onPlatinum are always the first company we recommend to our clients who are looking for assistance with their ICT.

Travis Barlow - Managing Director, Vodafone Business Centre
Image is not available

onPlatinum ICT has become a core component of our business functionality. We utilise a suite of services from internet connection, cloud computing and a hosted phone system, enabling us to save on resources. Simply put, onPlatinum ICT is the perfect fit for us.

Bernie Hogan – Chief Executive, Queensland Hotel Association (QHA)
Image is not available

Being a franchise network, we at First Class Accounts understood the importance of a mobilised workforce. onPlatinum ICT implemented cloud computing virtually seamlessly, allowing us to work anywhere and on any device at any time.

Debbie Stanton - General Manager, First Class Financial Group
previous arrow
next arrow