Cyber Defense eMagazine January 2020 Edition
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
24<br />
The Dark Truth<br />
of Insider Threat<br />
By Richard Menear, CEO, Burning Tree<br />
In any business, we inherently want to<br />
trust the people we work with. By and<br />
large, we can. However, the reality is<br />
that insiders remain one of the main<br />
threats to your organisation’s<br />
information and cyber security, and if<br />
you think your company can’t be<br />
breached — think again!<br />
Although it can sometimes be difficult to separate incidents caused by insiders from general data<br />
breaches, Verizon’s 2019 Data Breach Investigations Report found that 34% of all breaches in 2018<br />
happened as a result of insider work. The same report also found that 68% of data compromise is internal.<br />
Internal incidents can be especially tricky to detect because actors know exactly where sensitive data is<br />
stored and have a good understanding of your cyber security processes and the solutions you have<br />
implemented. As such, some breaches may go undetected for months — or even years.<br />
But with the cost of an insider attack remaining high (the average cost rose 15% from 2018 to 2019), it<br />
has never been more crucial for organisations to be aware of insider threats.<br />
Defining “insiders”<br />
We might think of “insiders” as disgruntled or malicious employees waiting to steal your corporate data<br />
and sell it on the dark web. Malicious intent from a disgruntled employee can be the worst type of insider<br />
threat — with fraudulent activity often going undetected and eroding company profitability. However, more<br />
often than not, a data leak is simply due to a mistake or unintentional misuse.<br />
According to reports, privileged IT users or admins are the most dangerous insiders. It is normal for IT<br />
operational staff to have direct administrative access to all systems. The information on these systems<br />
can be highly confidential or valuable and is often subject to strict compliance requirements such as<br />
GDPR. Plus, even if personal information is locked down at the application, IT administrators can access,<br />
copy, change or delete data — which could result in a GDPR compliance issue.<br />
24