Insider threat is something most companies think won’t happen to them. At least they hope so.
Here is the story of one “infiltrator”.
Years ago he applied for work at Lockheed Martin as an IT worker. With a resume in hand and his charm he hoped he would get a job. At the same time he had already applied for work as a janitor at a local police department, hoping to steal credentials for access to the National Criminal Information Center or NCIC.
Later, he got employment with a private security firm which gave him unrestricted physical access to the networks of the finance department of a big clothing company.
As an insider, he knew the facility’s inside and outside layout, had access to the company’s security infrastructure and could copy RFID badges.
He also had full knowledge of daily routines, names and faces of employees and contractors and could bug all of the computers on the network.
You get the general idea.
The statistics for insider threat are a bit insane. Incidents are up almost 50 percent since 2018. The cost from insider threat incidents is up over 30 percent.
Even more scary is the statistic that the number of reported insider incidents is up over 75 percent since 2018.
Physical security is usually overlooked and sometimes the security infrastructure, both cyber and physical, is more convenient than secure. For example, WiFi cameras are easy to jam and RFID access cards or fobs are convenient, but typically not configured securely.
This is why you have to consider the total risk your organization has and not just a part of the risk. Consider all of the things that you don’t want to consider.
Additionally, look at the security measures that you have in place and figure out how an infiltrator who has time and access can compromise them.
With the Russians, Chinese and North Koreans working hard to cause chaos, you don’t want to be compromised. They are, unless you are a high value target, not going specifically after you; they are going after the soft targets.
Is your company a soft target? Have you done a full risk assessment? In the last year? It may be time to conduct (another) one. If this makes sense to you, please contact us. Credit: Cybernews