Insider Risk


Using a Web search engine, find an article from a reputable source, published within the past six months, that reports on the risk coming from inside the organization compared to the risk coming from outside the organization. If the article notes that this relative risk is changing, how is it changing and to what is the change attributed? 1

In a January 26, 2017 article in the Digital Guardian blog, authors Giandomenico and de Groot discuss “Insider vs. Outsider Data Security Threats: What’s the Greater Risk?”. Digital Guardian is a Gartner-recognized industry leader in the cyber markets spaces of Data Loss Prevention and Insider Threat Protections. 6

The article compiles the answers of 47 information security experts to the question “What’s more of a threat to a company’s data security: insiders or outsiders?” 5

The general consensus seems to be that outsider risks and subsequent breaches are more widely publicized, result in huge losses, and are mitigated by tradition security measures.

However, insider threats are difficult to detect, almost never made publicized, creates greater damages, and most organizations don’t have the tools to prevent and curtail these risk factors.

Insider risk could be accidental or malicious, and as “insiders” are already in the system, the traditional security measures of firewalls and Intrusion Detection and Prevention (IDPS) are not effective to reduce or prevent the risk. The surface area of attack is huge, and the access to sensitive data is permitted, and these factors pose extraordinarily high risks to the confidentiality integrity, and availability of all organization data. The risk posed by insiders is constantly growing due to the fact that they are human, and are susceptible to human behavior, weaknesses, and errors, like sharing of passwords, social engineering, circumventing policy for ease of use, as well as giving into malicious intent of illicit profit or destruction, when they turn rogue.

References

  1. Whitman, Michael E. Management of Information Security, 5th Edition. Cengage Learning, 20160411. VitalBook file.
  2. Zetter, K. (2014, November 03). An Unprecedented Look at Stuxnet, the World’s First Digital Weapon. Retrieved from https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/
  3. Kushner, D. (2013, February 26). The Real Story of Stuxnet. Retrieved from http://spectrum.ieee.org/telecom/security/the-real-story-of-stuxnet
  4. Sanger, D. E. (2012, May 31). Obama Order Sped Up Wave of Cyberattacks Against Iran. Retrieved from http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html
  5. Giandomenico, N., & De Groot, J. (2017, January 26). Insider vs. Outsider Data Security Threats: What’s the Greater Risk? Retrieved from https://digitalguardian.com/blog/insider-outsider-data-security-threats
  6. Funaro, G. (2017, February 21). Digital Guardian is a Leader in the 2016 Gartner Magic Quadrant for Enterprise DLP. Retrieved from https://digitalguardian.com/blog/digital-guardian-leader-2016-gartner-magic-quadrant-enterprise-dlp-again
  7. Drew, S. (2015, April 8). Vulnerability Assessments versus Penetration Tests. Retrieved from https://www.secureworks.com/blog/vulnerability-assessments-versus-penetration-tests
  8. Barchie, J. K. (n.d.). Penetration Testing vs. Vulnerability Scanning. Retrieved from http://www.tns.com/PenTestvsVScan.asp