INSIDER THREAT

Threats often arise within the organization. Find out the different types of internal threats. Learn to recognize and report them.

What is the percentage of data breaches caused by people within the company?

22%

44%

88%

Information security threats don’t just come from outside. It has been calculated that about 88% of all data breaches are caused by a mistake made by people acting within the company. Human error is at the root of the vast majority of cybersecurity problems.

The human factor

We are talking about "insider threats" when the security risk originates within the organization. People in the organization who cause the security incident are called Insiders. Different types of Insiders can be more or less aware and more or less in bad faith.

Types of Insider

Pawns

Pawns are employees of the company that, involuntarily, become the means by which the data breach is implemented. But how can this happen? Mainly in two ways:

by installing software that opens external access doors to the corporate system.
revealing outside the credentials to access the system.

Goofs

This case is very frequent and arises mainly from ignorance or an underestimation of the consequences of one’s actions. Goofs deliberately circumvent security policies. They don’t do it out of bad faith, but out of lightness or convenience. Some typical cases are:

sending confidential information through unencrypted corporate mail,
not adequately classifying the information,
Superficially managing login credentials.

Collaborators

Collaborators act deliberately to bring outside the company information protected by intellectual property or confidential information about the company’s customers. Some typical cases are:

bringing out confidential information, names of customers, information protected by intellectual property to a competitor,
causing deliberate interruptions of the business activity for the benefit of the company or State with which the collaborator is associated.

Lone wolves

Lone Wolves often have high access privileges, and can have access to confidential information. In some cases they exploit the value of this information to make illicit gains. For example:

a system administrator leading out lists of names,
a former employee who brings confidential company data with him.

The insider game

Can you identify an Insider?

Challenge yourself with the Insider Game

PLAY

Why do so many companies suffer sudden data breaches (data breaches) today? Very often the cause is an insider threat.

INSIDER THREAT

Quiz #1

What is the percentage of data breaches caused by people within the company?

22%

44%

88%

Insider threat

The human factor

Types of Insider

Pawns

Goofs

Collaborators

Lone wolves

The insider game

Can you identify an Insider?

Data breaches

What can you do?

Follow these behaviors to contrast insider threats effectively

Use strong practices for password and account management.

Become aware to recognize potential clues of an ongoing internal threat.

Report any unusual or suspicious events using company procedures.