Learn the 4 new features which will be coming to the Cloud throughout 2022, and what this means...Find out more
Types of Insider Threats!
A 2021 report from Cybersecurity Insiders suggests that 57% of organisations feel insider threats have become more frequent over the past 12 months.
An insider threat means that there is potential for someone inside or associated with the organisation, to use their access or understanding of the business to cause harm to it. A study conducted in 2021, showed that negligence seems to be the leading cause of these incidents. By anyone inside or associated with the company, we mean:
We will discuss 5 different types of insider threats in this blog.
Firstly, an unintentional accidental threat means the organisation has been exposed to a threat through a mistake; therefore it was not the intention of someone to cause harm to the business. The problem with accidental threats is that they can never be completed avoided; however, there are ways to mitigate these risks, such as through training. Examples of accidental insider threats include:
On the other hand, an unintentional threat through negligence means that an organisation has been exposed to a threat through someone being careless. Research from 2017 by Ponemon, found that 63% of insider threat accidents are due to people being negligent. In addition to this, it is common for this style of threat to be from employees who have a good general understanding of IT security and workplace policies but chose to ignore them. Examples of negligence insider threats include:
Intentional threats are when a person related to the organisation wishes to cause harm to the business. There are many reasons someone could do this including, financial gain, unhappiness with how the workplace treats them, and because they have left on bad terms with the business. A study by Gartner found that almost a third of criminal insiders commit these acts for financial gain. Examples of intentional threats include:
Third-party threats are caused by contractors or vendors. They may not be formal members of the business, but they would be given access to facilities, systems, and networks; which they can use for their own advantage. There are two types of threats that come under third-party threats, these include:
Finally, a collusive threat means that there can be one or more insiders collaborating with an external cybercriminal or group of cybercriminals who wants to cause harm to the business. This is always done maliciously. Due to employees working with someone on the outside to hurt the organisation, it can be very hard to find who is involved. Examples of these kinds of threats include:
Furthermore, it can be hard to control the people who want to act in malicious ways toward the business, therefore we suggest regular training and quizzes to ensure staff who unintentionally harm the business are able to learn how to effectively manage any risks. Another suggestion is using a service provider who can monitor your IT to keep watch for any suspicious activity; meaning, the IT specialists will always notify you if they find something which does not look right and where it had come from.
In conclusion, if your business would like further advice and guidance on this matter, please contact us today:
Review TextTestimonial #1
Review TextTestimonial #2
Review TextTestimonial #3
Stephen SawleyBeing partnered with WPC is a joy. Their level of service and turnaround is exceptional. As is every member of the support team that I am in contact with. Savvy support and great to work with!
Mark GWe have been using Workplace Connect for around 2 years now, and have found them to be a great company to work with. The change over from our last provider was seamless, and we have enjoyed an uninterrupted service since then. They are always available to assist with any enquiries, and deal with all matters promptly. I wouldn't hesitate to recommend them to other businesses.
Elliot AzimI have worked with this company for over 4 years and can safely say that the customer service is second to none. The staff go above and beyond to assist with clients and suppliers and are always very friendly and responsive. I would highly recommend Workplace to anyone looking for a quality IT partner.
For more resources, click the link below