“People ask the difference between a leader and a boss The...
Transcript of “People ask the difference between a leader and a boss The...
Insiders pose a substantial threat by virtue of their knowledge of and access to their employers systems and
databases. Insiders can bypass existing physical and electronic security measures through legitimate measures.
It is classed as one of the biggest threats to an
organisation.
• We are all an Insider as soon as we join the company • We pose our own individual threat • Target: People, Information, Technology, Facilities
(Critical Asset) • Based on motive.
• Intentional or unintentional threat from people within the organisation
• Current or former contractors, business associates or employees
• Knowledge of the organisation, security practices, data and computer systems
• Intentionally or unintentionally impact an organisations critical assets
• Committing fraud, stealing or disclosing confidential or commercially valuable information, or disrupting networks, processes, systems or data
Intentional Threat is a current or former employee, contractor or business partner who:
• Has or had access to an organisations network, facilities or system
WHO
• Intentionally misused their access in order
TO
• Affect the confidentiality, the integrity and the availability of the organisations information and
data.
Unintentional Threat is a current or former employee, contractor or business partner who:
• Has or had access to an organisations network, facilities or system
WHO THROUGH
• Their action / inaction without malicious intent
CAUSE
• Harm or substantially increase the probability of future serious harm to the confidentiality, the
integrity and the availability of the organisations information and data.
Insider IT Sabotage
An Insiders use of IT to direct specific harm at an organisation or an individual
• Deletion of information • Bringing down systems
• Website defacement to cause embarrassment
Insider Theft of Intellectual Property
An Insiders who steals intellectual property from an organisation
• Designs, Documents
• Customer Information • Software
Insider Fraud
An Insiders use of IT for the unauthorised modification, addition or deletion of an organisations data, for personal gain or theft of
information which leads to fraud (credit cards)
• Theft and sale of confidential information • Modification of critical data (Criminal records, Driving Licence,
Benefits) • Stealing of money (financial organisations)
National Security
The act of stealing and delivering, or attempting to deliver information about National Security to foreign countries.
• Spying
The profile of the Insider can be anybody, but the Centre for Protection of National Infrastructure (CPNI) suggest that statistically: • 82% are men • 49% aged 31 – 45 years old • 88% are permanent employees • 45% are Managers • 47% is for financial gain • 58% are graduates • Most Insiders have worked for the company for 3 -5 years • Most commit the crime within 60 days of leaving
The reasons why an individual could resort to being an Insider can be vast, but the main reasons are:
• Disgruntled Staff • Financial Gain
• A change of employer • Commercial Espionage
• Revenge
Recognising the traits of an Insider is not easy and it is based more on behavioural factors such as:
Mitigating the risk of the insider can be conducted in the following ways but there is no “Silver Bullet”.
• Know your people
• Identify critical assets • Educate and Train personnel
• Controlled Access • Split responsibilities
• Be proactive and not reactive • Deterrence and detection
The Insider threat is very hard to detect and there is no answer on exactly how to stop it, but it can
be mitigated.
People work in positions of trust and responsibility and can therefore work under detection limits. It is
up to the organisation to understand these risks and the threats posed.