Insider threats contribute significantly towards losses in the form of fraud, sabotage, abuse of assets and information leakages, says Hedley Hurwitz, MD of Magix Integration.
Hurwitz describes insider threats as the risks posed by attacks on IT systems from current or former employees, or their impersonators, who have authorised access to their organisation's systems, applications, networks and internal policies and procedures.
He says insider security problems include malicious intent, disdain of security practices, carelessness, as well as ignorance or lack of security policy, and proper information system use.
Adds Hurwitz: “Insiders can collude consciously, or unconsciously, to provide information and access to external attackers. Insider and outsider threats merge when careless behaviour by insiders and weak perimeter and internal security systems enable outsiders to become insiders, and thereby gain access to all the company's systems and data.”
Insider threats are difficult to detect and prevent, says Hurwitz. He explains this is because as vetted members of the organisation, employees are in a position of trust and are expected to have a vested interest in the productivity and success of the group.
“Insiders are often above suspicion, and the last to be considered when systems malfunction or fail,” he says.
Hurwitz adds that the insider security problem is well recognised around the world, and has formed the basis of numerous studies. “A recent international insider threat mitigation report concluded that 'the insider threat is real, and very significant'”.
In a bid to check insider threats, Hurwitz says the past five years have seen a dramatic emergence of regulations, methodologies, frameworks and specific IT technology solutions that monitor and mitigate the risk posed by insider threats.
He adds that the burden on companies to comply with regulations or best practices, and reduce the financial loss resulting from insider attacks, is growing exponentially.
In SA, the situation is no different, observes Hurwitz, although many companies remain unaware of, or choose to overlook the threat. “Currently, there are no formal statistics available for the incidence of insider threat attacks in SA.”
In an attempt to bring about awareness of the insider threat, as well as to provide insight into how prepared South African organisations are, Magix, in conjunction with ITWeb, is conducting an insider threat survey.
Related story:
Play it safe
Share