VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
Insider threats
1. About : Insider Threats
• You might have heard of the threats that are built into machines, and the ones that are created by
people to exploit loopholes in any given system.
• We're all aware of the malwares and viruses, the phishing sites, fake accounts, and everything
digital threat that exists in this day and age.
• But let’s throw it back to the classics for a bit to tackle on the still existing grave threat, and
probably the most dangerous of them all: insider threats.
• That's right; there isn't a code, a program, software or data cache that's more dangerous than a
human mind.
www.izoologic.com
2. About : Insider Threats
Since the dawn of time, for every great
creation that works using a system (the
calendar, a government, the multiplication
table), there have been minds who have been
able to see the limits and deduce the
effectiveness of each.
Fast forward to thousands of years of human
development, and this still holds true.
Cryptocurrency, the latest trend, has its own
digital demons to exorcise, but its greatest
adversary is still the human mind with evil
intent.
www.izoologic.com
3. Insider Threats
www.izoologic.com
CA Technologies put up a report regarding
insider threats, or the classy, Ocean's Eleven
way of doing things, led by Holger Schulze,
CEO and Founder of Cybersecurity Insiders, a
group dedicated to the investigation of
malicious insiders, and negligent ones.
Simply put, insiders can either know or do not
know that they're being a threat to
cybersecurity.
4. www.izoologic.com
Insider Threats
This is done, how, you ask?
• Well, every villainous group has a mastermind. That's where it all begins.
• An employee, executive, or a co-owner of any business can jeopardize the security of the
company, and this mastermind is doing it willingly, most likely due to greater ambition.
• Of course, taking over an empire is no easy task, and is not something you can do without allies.
• So, the next tier of insiders comes to play: the major players.
• These are carefully planted moles in every department, equipped with the necessary skill, title
and ambition to participate in such a risky activity.
• Lastly, a scheme will never be complete without its most prominent performer: the pawns.
• These are the ones that are either in the loop but too incompetent for a bigger role, or the people
who have no idea that they're participating in something of the sort.
5. Insider Threats
CA ran a survey spanning 400,000 members of the online
community, with Cybersecurity Insiders, in partnership
with the Information Security Community on LinkedIn to
conduct an in-depth study of cybersecurity professionals to
gather fresh insights, reveal the latest trends and provide
actionable guidance on addressing insider threat.
Below are the key takeaways on the survey:
www.izoologic.com
6. • 90% of organizations feel vulnerable to insider attacks.
• The main enabling risk factors include too many users with excessive access privileges (37%), an increasing number of
devices with access to sensitive data (36%), and the increasing complexity of information technology (35%).
• A majority of 53% confirmed insider attacks against their organization in the previous 12 months (typically less than five
attacks).
• 27% of organizations say insider attacks have become more frequent. Organizations are shifting their focus on detection
of insider threats (64%), followed by deterrence methods (58%) and analysis and post breach forensics (49%).
• The use of user behaviour monitoring is accelerating; 94% of organizations deploy some method of monitoring users
and 93% monitor access to sensitive data.
Insider Threats
www.izoologic.com
7. The most popular technologies to deter insider threats are :
• Data Loss Prevention (DLP), encryption, and identity and access management
solutions.
• To better detect active insider threats, companies deploy Intrusion Detection and
Prevention (IDS), log management and SIEM platforms.
• Lastly, the vast majority (86%) of organizations already have or are building an
insider threat program.
• Thirty-six percept have a formal program in place to respond to insider attacks,
while 50% are focused on developing their program.
Insider Threats
www.izoologic.com
8. The types of insiders that pose the biggest risk to organizations are
somewhat expected, but with an asterisk.
1. For example, 56% of the mitigated risk of insider threat comes from regular employees,
most likely out of neglect, or what we call the accidental/unintentional insider.
2. 55% of the mitigated risk comes from privileged IT users/admins, with access to more
confidential data as their tier goes higher and is a mix of the unintentional and the
malicious kind of insider.
3. Temporary workers, contractors and service providers generate 42% of the mitigated risk
and is also a combination of unintentional and malicious.
www.izoologic.com
Insider Threats
9. The kind of data most vulnerable to insiders, with a percentage value on
mitigated risk are:
• 57% on confidential business information (customer data, financial reports, employee data
• 52% on privileged account information (credentials, passwords, security codes)
• 49% on sensitive personal information (what you did last summer, personal identifiable
information)
• 32% on intellectual property (trade secrets, products in development, designs and
blueprints)
• 27% on operational or infrastructure data (network topology and infrastructure, methods
of wresting control)
Insider Threats
10. 1. Most of these data can be accessed on several platforms, but the most common sources
that insiders can get these from are Databases, file servers, cloud applications,
endpoints, business applications, the active directory, the physical network, and mobile
devices.
2. Accidental insiders get involved primarily through phishing attempts, weak passwords,
unlocked devices, password sharing and unsecured networking.
3. Among the organizations participating in the survey, 34% consider external attacks
(hacking, defacing) as the most likely insider threat to happen to their organization,
while 36% believe that they are more prone to a deliberate attack, and 30% would like to
write it off towards accidental/unintentional breach of security.
Insider Threats
11. While this is somewhat a difficult way to breach Cyber Security, it’s still the most effective
way, and the human mind is greater than any machine, hence, this is a problem that's going
to exist for a while.
Insider Threats
12. Contact Us
14 Hanover Street, W1S 1YH City of Westminster, London
UNITED KINGDOM
+44 20 3734 2726
info@izoologic.com
www.izoologic.com