Malicious Insiders: Is Your Operation Safe?

cyber thiefRisks lie everywhere in the supply chain, from bad weather to broken equipment to unexpected legal delays. The people inside your company may not seem like the last risk managers need to fret over – but they have the potential to be among the biggest threats to supply chain safety.

One study found that 58 percent of risks in the business world come from the insider threats – but what does that mean?

Insider threats are ever-present, and often hard to detect. They may occur in the form of a current or former employee with company access who intentionally or unintentionally harms the integrity of an organization’s network.  More often than not, they are discovered via manual methods vs automated technology. This is often difficult for originations to understand given our focus on newer/faster/better.

In this series, we’ll explore the types of insider threats firm’s face, and how to mitigate them.

First, let’s look at the potential threat posed by a malicious insider.

The Threat

Malicious insider threats fall under an array of categories – a disgruntled worker could seek to undermine the company, or a greedy one could seek ways to line their own pockets. An employee could be looking for a way to beef up their options as they consider leaving for a new job.

Carnegie Mellon defines a malicious insider threat as

“a current or former employee, contractor, or other business partner who has or had authorized access to an organization’s network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organization’s information or information systems.”

In today’s data-driven world, professional information isn’t locked behind a file cabinet anymore. Much of what firms store and communicate lives online, and that opens firms up to threats unknown even a decade ago.

Intellectual property and proprietary information are sensitive materials that companies aim to restrict access to. However, reliance on computers and smartphones can make protected data easy to attain for an insider with bad intentions.

Malware installed via a simple email can siphon off data. Spyware that tracks keystrokes can suss out passwords that can open up private systems. This type of software can potentially put a company’s information in the hands of criminals, representing a clear threat to the operation and its supply chain.

Finding the Threat

Malicious threats are hard to track.

First, accidents happen in every workplace, making it difficult to pinpoint one person who may have done something purposefully, versus simple human error.

Secondly, many insiders work slowly. It can be difficult to track small moves over a long period of time in order to realize a pattern of malfeasance.

Finally, the same technology that can make breaches easy can also stymie efforts to track problems. Laptops, smartphones and Internet connections that allow employees to work more nimbly can also provide opportunity to hack a system, or shift files from a work computer to a personal machine.

Some analysts cite a fraud triangle – for an employee to take malicious action, they need opportunity, rationalization and pressure. Pressure might be financial pressure from a large health bill or other debt, as they rationalize it’s worth the risk, and realize there’s opportunity as security remains low.

The key to combating malicious threats is to be aware of the weaknesses in your corporate system and processes, and among your workforce. Creating policies and educational programs applicable to everyone, aimed at corralling all threats, helps as well — malicious threats aren’t the only threats out there.

Unintentional threats also plague firms and their supply chains, but we’ll examine that in the next post.

Stay tuned: Part II of this series will offer a closer look at the accidental insider threat, while Part III will provide mitigation strategies.

2 thoughts on “Malicious Insiders: Is Your Operation Safe?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s