Holistic Insider Risk Management – The Time is NOW!

Did you know that 68% of security breaches are caused by insiders?

Despite this alarming statistic, most security measures focus on perimeter defenses to keep external hackers at bay. While perimeter defenses are necessary, they are not sufficient. External hackers often seek to exploit insiders, who are frequently vulnerable. Therefore, it’s critical to develop a holistic understanding of your insider risk posture and drive your security program accordingly.

Let’s clarify what insider risk truly means. Traditional views focus on malicious employees, the so-called “bad apples.” While these individuals pose a threat, they only account for about 1-5% of insider-related issues. The remaining 95-99% stem from well-intentioned insiders making accidental or negligent mistakes while performing their duties.

To effectively mitigate insider risk, it’s also essential to identify, understand, and manage these accidental and negligent mistakes that occur regularly within your organization. These are the mistakes that are most likely to lead to security breaches and put your company at risk.

Here are some examples:

Credential Stuffing: This attack method is on the rise and significantly contributes to breaches because humans often reuse credentials. This is a prime example of accidental or negligent insider risk. Do you monitor your employees to ensure they aren’t reusing corporate credentials on third-party sites?

Data Exposure: Employees frequently need to share information both internally and externally during their work. However, simple mistakes can lead to the inadvertent sharing of PII, PHI, and financial information, which could trigger disclosure requirements. This risk isn’t limited to collaboration tools but extends to big data environments like Snowflake. Do you have monitoring in place to address this?

Device Posture: Companies rely on their employees to keep corporate and BYOD devices and data secure. However, attackers target employees, attempting to get them to install rogue applications and browser extensions that take over their devices and their sessions with critical applications, even if strong authentication methods like passkeys or MFA are enabled. Do you have comprehensive monitoring in place for applications installed, infection rates, and device posture gaps across all devices employees use to access your network?

The list goes on and includes unsafe SaaS usage, phishing susceptibility, malicious data exfiltration, and misuse of admin privileges, among others.

A holistic approach to insider risk involves understanding it across all these dimensions, attributing specific risks to individual insiders, and then implementing guardrails and deterrence measures backed by appropriate data and justification. The good news is that this no longer requires months of effort.

Contact Anzenna to learn more and get a free Insider Risk Assessment today!
