The new Insider Threat Report from Verizon gives companies of all sizes a better understanding on how to deal with insider threats.
According to the report, 47.8% of malicious insiders are driven by financial reasons.
A striking data, is that while it can only take minutes for an employee to compromise a system, it can take months to discover the misuse.
The report also categorizes the five different insider threat actors:
- The Careless Worker: The employee who mishandles data, installs unauthorized apps, and execute othe negligent security behaviour.
- The Inside Agent: The employee who steal data on behalf of outsiders.
- The Disgruntled Employee: The employee who want to harm the organization by destroying data or disrupting business activity.
- The Malicious Insider: The employee who steal data for personal gain.
- The Feckless Third Party: The business partners who compromise security through negligence, misuse, or malicious access.
To discover the problem, the report outlines 11 countermeasures organizations can take to mitigate risks and improve cyber security:
1. Integrate Security Strategies and Policies
2. Conduct Threat Hunting Activities
3. Perform Vulnerability Scanning and Penetration Testing
4. Implement Personnel Security Measures
5. Employ Physical Security Measures
6. Implement Network Security Solutions
7. Employ Endpoint Security Solutions
8. Apply Data Security Measures
9. Employ Identity and Access Management Measures
10. Establish Incident Management Capabilities
11. Retain Digital Forensics Services