The Insider Threat Matters
Cybersecurity is more relevant than ever before: the number of attacks continues to rise, and organizations are more vulnerable in today's increasingly digital world. But the threat does not come only from outsiders looking to harm your company or steal its valuable information. It comes just as much from insiders.
December 2017: In early December, British supermarket chain Morrisons was found liable for the actions of a former member of its staff, who stole the data of thousands of employees and posted it online. Close to 100,000 staff brought a claim against Morrisons after the data breach in 2014, and the High Court has now allowed those affected to claim compensation. The case and the ruling thereby represent the first data breach class action in the UK. Cases such as this are also expected to increase following the introduction of the GDPR.
The disgruntled employee
Morrisons has explicitly noted that it does not feel it should be held responsible and will appeal the decision. In the data breach, an employee posted information including names, addresses, bank account details, and salaries online and sent them to newspapers. The former employee’s motive appears to have been a grudge over an incident where he was accused of dealing drugs at work.
While the employee was sentenced in 2015 for securing unauthorized access to computer material and disclosing private data, Morrisons is now being held responsible for breaches of privacy, confidence, and data protection laws.
The case highlights the seriousness of insider threats. Companies need to pay heed to the threat and implement the necessary processes and IT systems: ones that limit access to private data, and ones that spot cybersecurity threats before they happen. Organizations need to ensure they are not left wide open to an attack, internal or external, especially with the looming GDPR legislation.
Not all threats are hostile
While the Morrisons case represents the dangers of the disgruntled employee, new data from NTT Security’s 2017 Global Threat Intelligence Center illustrates that dangers lurk elsewhere as well. According to its quarterly threat report for Q3 2017, employees often put an organization at risk without even knowing it. Only about 25% of insider threats are hostile; the remaining 75% are due to accidents or negligent activity. This calls for more technical measures that can limit such accidents or negligent actions.
One way is to ensure you have an overview of what employees have access to and then govern that access: constantly be in control of who has access to what, when, for how long, and why they have this access. Know your joiners and leavers, and those moving around in the organization. Combined, these mean that you have an overview at all times of the access to the systems and applications your organization uses, and that you keep loopholes closed off. This will enable you to act quickly if a data breach does happen.