Tue. Sep 17th, 2019

The Attacker Within: How Small Businesses Can Minimize Insider Threats

In past articles, we often talk about the importance of adopting a human-centric approach to cybersecurity. Why? Because 99% of today’s cyberattacks are human activated. And sadly, some of these attacks are intentional. Verizon’s 2018 Data Breach Investigation Report found that 20% of cybersecurity incidents and 15% of data breaches originated from people within the organization, with financial gain (47.8%) and pure fun (23.4%) being the top motivators.

 

For this reason, insider threat ranks pretty high on the list of things that keep small business owners up at night. In fact, a recent report by AppRiver found that small businesses are more concerned about attacks from disgruntled ex-employees than nation-states, competitors, rouge hacking groups, or lone-wolf hackers.

 

And, they have good reason to be concerned because insider threats have increased 50% since 2015.

 

Don’t get us wrong; small businesses aren’t the only organizations affected by insider threats — recently, financial giant, Capital One, was the victim of a data breach. The suspect? A former software engineer for Amazon Web Services — the cloud hosting company that Capital One was using.

 

However, because small businesses often lack the funds and resources of larger organizations, for them, a cyber attack can be detrimental — 60% of small businesses go out of business within six months of a cyber attack.

 

So, in our post today, we’re sharing some tips on minimizing insider threats for small businesses.

 

What is an insider threat?

An insider threat is a malicious attack that originates from someone within or close to an organization, who has authorized access, such as an employee, former employee, contractor, or business associate. And, threats can come from anyone at any level.

 

There are two types of major insider threats: malicious and inadvertent. During a malicious threat, the hacker’s goal usually falls into one of these categories:

  • Sabotage
  • Espionage
  • Fraud (financial gain)
  • Intellectual property (IP) theft

 

Inadvertent threats, however, are usually the result of one or more of these scenarios:

  • Phishing
  • Malware
  • Convenience
  • Human error
  • Bad judgment
  • Stolen credentials
  • Unintentional aiding and abetting

 

Who is at risk?

While insider threat affects organizations from all industries, healthcare organizations tend to suffer from insider threats more than other sectors. In fact, almost one in eight Americans have had their medical information exposed. Other industries that are most at risk for insider threats include financial services, government, technical services, and retail.

 

How small businesses can minimize insider threats

To detect and mitigate insider threats, small businesses need to take a proactive approach to cybersecurity, which means small business owners should know their assets and who has access to them.

 

Other measures include:

  • Implementing personnel security measures, such as Security Awareness training and Human Resource Controls (employee exit processes)
  • Limiting privileges, so employees only have access to the data and applications they need to do their jobs. And, when accessing that data, there should be physical measures in place, such as employee identification numbers, to monitor access patterns
  • Developing a culture that values good cyber hygiene.
  • Along with training employees on Security Awareness, small business owners need to develop password policies, which make strong passwords (eight or more upper and lowercase letters in combinations with numbers and special characters) mandatory. And those passwords should be changed regularly
  • Implementing Endpoint Security Solutions to detect and prevent advanced attacks
  • Establishing a strong Incident Response Plan with clear guidlines on handling insider threats