Guard Your Business: Preventing Accidental Insider Threats

essidsolutions

Accidental insider threats pose significant financial risks to businesses. Rocky Giglio, director of security go-to-market & solutions at SADA, explores the impact of such threats, provides examples, and offers mitigation strategies to prevent them.

Although the motivations of malicious actors range from espionage to personal financial gain to outright spite, one of the most common (and commonly overlooked) forms of insider threat is the accidental one. Humans are frequently referred to as both the strongest and weakest component of a company’s cybersecurity program, and rightfully so – with proper education, enablement, and encouragement, employees can develop a “security first” mindset to help them protect business assets. However, humans are…well, human; and employees (also known as “insider threats”) must be accounted for as part of any company’s threat model. The complexity of risk mitigation around these insider threats – and the financial risks associated with ignoring them – pose a unique set of problems for executives and security leaders.

For businesses of any size, transitioning to the cloud offers tremendous benefits. Teams can be more agile, adapt faster to changing business environments, and deliver more value and overall return on investment than traditional on-premise monoliths. For as much promise as the cloud offers, however, it also carries tremendous risks and security threats if not configured and managed properly. 

While threats to cloud security are varied, one increasingly prevalent form of attack is via the insider threat. In short, insider threats come from people associated with an organization, be it a current employee, former employee, consulting partner, and beyond. These threats are also much harder to track, leaving businesses without proper mitigation strategies with serious security concerns.

Accidental threats are not as easily accounted for, as the lack of malice or intent on the part of the person carrying out the threat makes it hard to identify and stamp out proactively. Instead, accidental insider threats often stem from simple errors or oversights (more on that later) that are harder to catch in the moment. New reporting from Gartner also underscores human oversight’s role in all cyber incidents; by 2025, the firm predicts that a “lack of talent or human failure” will cause more than 50% of all cyber attacks.

Regardless of the cause, accidental insider threats still carry the same financial consequences as intentional ones and provide a clear and present threat to businesses operating in the cloud. To curb the risk of security compromise – and subsequent financial loss – it is time for businesses to take a hard look at how they can weed out and proactively prevent accidental insider threats.


Examples of Accidental Insider Threats

Now that we have a general sense of what comprises an accidental insider threat, let’s dive into some common instances to help understand the problem further. 

Vulnerabilities that lead to accidental insider threats are varied. Still, one of the most common is exposure through using a system outside the scope of IT or using features that expose assets through collaboration. For example, an employee can accidentally set a document’s access link to allow everyone on the internet to view it, opening up a can of worms and an easy avenue of attack for cybercriminals. Another common threat is working around IT and Security restrictions to get work done. While the intent is to complete a valuable task for the organization, the workaround exposes one of the most precious assets, data and intellectual property.

Then there is the lack of security knowledge and training amongst employees. If businesses do not provide proper training from the get-go, they risk having employees break security protocol by simply overlooking key areas, leaving their infrastructure less secure. A common example is phishing and email scams; often, employees interacting with external email domains may not be able to recognize the signs of a threat in real time. How many text messages did you get from the CEO this week asking you to send some money?

As cyber criminals become aware of security flaws in a specific business’s infrastructure, they can exploit unwitting employees and manipulate them into handing over sensitive company information. While neither of these two instances includes any malicious intent on the part of the employee, it is evident now more than ever that an accidental threat can stem from something as simple as a minor slip-up.

It Is Time To Act

The cost of doing nothing is high. As a whole, insider threats continue to carry increased financial risks and losses. Recent research indicates a few uncomfortable truths. For one, the average annual cost of insider threats was about $15 million in 2022, with 56% of those incidents attributed to user negligence compared to just 26% with criminal insider threats. The average cost per incident due to accidental or negligent exposure is over $270,000. That cost, multiplied by the annual average of 13 incidents per year, makes this a threat risk with a cost of over $3,000,000.

The evidence is clear that insider threats carry significant, potentially trajectory-altering financial consequences that can no longer be ignored. Fortunately, risks and losses are preventable within any business through a few different mitigation strategies. 


What Can Businesses Do to Mitigate Risk?

Fortunately, there are a few different steps that businesses can take to curb the risk of these accidental insider threats. Any combination of the mitigation tactics and strategies below will help.

  1. Zero-trust architecture: Implementing a zero-trust practice within your business is critical to fortifying security infrastructures against intentional and accidental threats. A zero-trust architecture leverages ongoing user authentication and authorization processes that ensure sensitive information is accessed by the correct parties at the correct times. Good zero-trust architecture means no connection is trusted, from the web server to the database to every user interaction. This lays the foundation for BYOD and other cost-saving measures without the risk of exposing sensitive information.
  2. Early security implementation: While security and authentication measures should be consistent, implementation of these services and security training early on will also play an important role in mitigating the risk of a breach or accidental insider threat. For example, businesses can implement risk and compliance measures as code in their cloud stack to catch misconfigurations before deployment. The sooner companies update their cloud security services or implement them during the adoption phase, the better off their businesses will be in the long run. These policies and practices should extend to the user realm and the SaaS platforms your company leverages. Include a user experience assessment in your security strategy to see how your employees like to work and what they see as potential blockers to getting things done. This will allow you to create methods of work that enable the employee to improve their experience and ensure everything is protected correctly. If you just say no, they will go around you, exposing your data.
  3. Employee training: As mentioned earlier, even the most minor security oversight can lead to a breach, so business leaders must implement proper security training that helps keep users aware of company security protocols and the cyber risks that appear throughout their day-to-day work. What’s most key here is that companies have ongoing training. Security training is not a one-and-done tool, especially since enterprise technologies and cyber threat tactics constantly evolve.
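
As an illustration of the "compliance measures as code" idea in item 2, the following added example (not from the original article or from SADA) is a pre-deployment check that blocks the public-link and external-sharing mistakes described earlier. It assumes policies exported in the Google Cloud IAM binding format; the resource names, the `example.com` domain and the allowlist are constructed for the example.

```python
# Pre-deployment gate: block IAM policies that expose data publicly or externally.
import sys

PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}  # IAM "anyone" principals
ORG_DOMAINS = {"example.com"}                  # assumption: the company's domain
PUBLIC_ALLOWLIST = {"bucket/marketing-site"}   # assumption: reviewed, meant to be public

# Constructed sample: resource name -> IAM policy.
SAMPLE_POLICIES = {
    "bucket/marketing-site": {"bindings": [
        {"role": "roles/storage.objectViewer", "members": ["allUsers"]}]},
    "bucket/finance-reports": {"bindings": [
        {"role": "roles/storage.objectViewer",
         "members": ["group:finance@example.com", "allAuthenticatedUsers"]},
        {"role": "roles/storage.objectAdmin", "members": ["user:contractor@gmail.com"]}]},
    "bucket/build-artifacts": {"bindings": [
        {"role": "roles/storage.objectAdmin",
         "members": ["serviceAccount:ci@proj.iam.gserviceaccount.com"]}]},
}

def classify(member):
    """Return 'public', 'external' or None for one IAM member string."""
    if member in PUBLIC_MEMBERS:
        return "public"
    kind, _, ident = member.partition(":")
    if kind in ("user", "group"):
        domain = ident.rsplit("@", 1)[-1].lower()
        return None if domain in ORG_DOMAINS else "external"
    if kind == "domain":
        return None if ident.lower() in ORG_DOMAINS else "external"
    return None  # service accounts and other kinds are out of scope here

def find_violations(policies):
    """List (resource, role, member, reason) tuples that should block a deploy."""
    findings = []
    for resource, policy in sorted(policies.items()):
        for binding in policy.get("bindings", []):
            for member in binding.get("members", []):
                reason = classify(member)
                if reason == "public" and resource in PUBLIC_ALLOWLIST:
                    continue  # exposure was explicitly approved
                if reason:
                    findings.append((resource, binding["role"], member, reason))
    return findings

if __name__ == "__main__":
    violations = find_violations(SAMPLE_POLICIES)
    for v in violations:
        print("BLOCK: %s grants %s to %s (%s)" % v)
    sys.exit(1 if violations else 0)  # non-zero exit fails the pipeline step
```

Run as a pipeline step, the non-zero exit stops the deployment, while the allowlist gives teams a reviewed path to intentional public sharing instead of a flat "no".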

The impetus to act on accidental insider threats is clear: though not in bad faith, these threats can carry serious financial repercussions that set businesses back on their goals. With more proactive, robust security postures, the risk of accidental threats will become easier to manage.
