July 13, 2016 Jonathan Koralnik

An Inside Job: Reflections on the Rise of the Insider Threat

The insider threat is quickly becoming one of today’s biggest cyber security challenges.

This blog post introduces the concept of the insider threat, and explores how the

prevalence and awareness of this phenomenon have increased in recent years.


What is the Insider Threat?

The insider threat refers to the security threat that employees pose to an organization.

Employees often have access to their organization’s computer systems and information,

and thus have the ability to mismanage and even steal sensitive company data. 1 CA

Technologies names three types of insider threats: “malicious insiders” deliberately steal

information or sabotage a company’s computer systems, “exploited insiders” are

unwittingly tricked by external parties into providing passwords and data, and “careless

insiders” accidentally delete or modify important information. In today’s data-driven

workforce, theft or destruction of data can be catastrophic for a company. 2


The Rise of Insider Threats

The latest research shows that the number of security breaches from insiders is growing.

83 percent of executives polled in EY’s Global Forensic Data Analytics Survey in 2016

stated that insider threats and cyber breaches posed the biggest risk to companies

becoming a victim of fraud, corruption, or data loss. 3 Similarly, the 2015 Insider Threat

Spotlight Report noted that 62 percent of security professionals report that insider threats

have become more frequent in the last 12 months. 4 In fact, insider threats have overtaken

external attacks as the greatest cyber security risks: the IBM 2015 Cyber Security Index

revealed that insiders commit 55% of all security breaches, compared to 45% perpetrated

by outsiders. 5


Increase in Coverage on Insider Threats

Insider threats have historically been overshadowed by external threats. A 2015 article by

Info Security observed, “Insider threats aren’t recognized as the gaping issue that they

are.” However, as insider threats have grown in prevalence, they have received more

coverage, as cyber security authorities (such as those referenced in this article) have

publicized the issue. Articles like SC Magazine’s 2015 piece, “Report: Insider Threat

More Dangerous Than External Risks,” have become increasingly common. 6



How to Prevent Insider Threats

While insider threats are posing an increasingly large threat on companies, there are

certain measures that companies can implement in order to prevent – or at least mitigate –

the insider threat. Firstly, companies should thoroughly screen all job applicants to ensure

that they only bring in employees that can be trusted with sensitive data. It is also

important that businesses provide employees with computer security training and

education in order to reduce the likelihood that employees accidentally mishandle data or

give away sensitive information to external attackers. 7 Most importantly, companies

should install a cyber security platform that monitors employee computer use and alerts

them when they are exhibiting suspicious or damaging activity.



  1.  https://digitalguardian.com/blog/what-insider- threat-insider- threat-definition
  2.  http://www.ca.com/content/dam/ca/us/files/white-paper/dealing- with-insider- threats-to-cyber-security.pdf
  3.  http://www.computing.co.uk/ctg/news/2442565/malicious-insiders- the-fastest- growing-threat-to- cyber-security- warns-report
  4.  http://www.infosecbuddy.com/wp-content/uploads/2015/06/Insider- Threat-Report-2015.pdf
  5.  https://essextec.com/wp-content/uploads/2015/09/IBM- 2015-Cyber- Security-Intelligence-Index_FULL- REPORT.pdf
  6.  http://www.scmagazine.com/report-insider- threat-more- dangerous-than- external-risks/article/455117/
  7.   https://www.darklightcyber.com/blog/fighting-insider-threat

We are always happy to hear from you.