Why do insiders pose such a significant threat to an organization?

“Insiders” are the people who are part of the system and have access to physical and digital spaces of the organizations. They enjoy the following privileges-

  • They have access to paperwork and digital data
  • They know how the system works
  • They are generally trusted
  • They are inside the firewall – and their network activity isn’t usually monitored or blocked
  • They are privy to confidential data, sensitive information, and intellectual property

A person with these privileges can create trouble when-

  • They are compromised – they work with someone outside the organization against its best interest1
  • They are careless – inadvertently taking confidential data outside the organization premises
  • They feel “slighted” 1 – and want to extract revenge
  • They are out for a profit – by selling intellectual property to competitors1
  • They blow the whistle – expose sensitive company data for a “cause”

The following are some real-world examples of security breakdown owing to insiders-

  • 2002: Timothy Lloyd, a “disgruntled” 2 employee of Omega, planted a software time bomb which resulted in their losing millions of dollars.
  • 2007: Database administrator William Sullivan stole 3.2 million customer records “including credit card, banking and personal information”2 from Fidelity National Information Services.
  • 2009: Army Private First Class Bradley Manning (now Chelsea Manning) leaked sensitive military documents to WikiLeaks2
  • 2010: Terry Childs, who was then the network administrator for the city of San Francisco held the city’s systems hostage for a stretch of time and refused to surrender passwords because “he felt his supervisors were incompetent.” 2
  • 2014: An NRAD Medical Associates radiologist “accessed and acquired protected health information” 2 from their billing systems without authorization. It caused a breach of 97,000 records of patient “names and addresses, dates of birth, Social Security information, health insurance, and diagnosis information.” 2
  • 2012: Ricky Joe Mitchell was a network engineer for the oil and gas company EnerVest. When he found out he was on the verge of being fired he reset the company’s servers to their original factory settings. 2

2013: Edward Snowden released sensitive NSA documents to the public.