What if the threat comes from the inside? 77% of privilege misuse caused by internal actors

Cyber criminals have developed various techniques and mechanisms to breach your company’s boundaries and steal your most valuable assets, information and money. But it’s not always their fault. In its 2016 Data Breach Investigations Report, Verizon reported that, in 2015, 77% of the breaches falling into the insider and privilege misuse category were caused by an internal actor (a further 8% were caused by collusion and 3% by a partner).

The top misuse reported was privilege abuse (66%), which generally happens when people use their access credentials to obtain information for purposes other than those required by their job. Motivations behind insider and privilege misuse were financial gain (34%) and espionage (25%).

Who is to blame?

It might be a dissatisfied employee who takes revenge and leaks data on purpose, a careless member of your staff who inadvertently discloses sensitive data to a third party, or anyone else, but the point is that you have to blame your company. Whether your staff caused the data breach by mistake or on purpose, they managed to do so because your cyber security measures didn’t stop them.

Do you use default passwords for multiple systems and devices?
Do your staff have access to administrator accounts?
Do you restrict access to accounts containing your most valuable information?

If you answer ‘yes’ to either of the first two questions, or ‘no’ to the third, don’t be surprised if you experience data breaches.

Two tips for reducing the risk of insider and privilege misuse

First things first, adopt an access control and privilege management process. Restricting access to your company’s key accounts should prevent your staff from causing any malicious or inadvertent data leakage. Assign special access privileges (e.g. administrative accounts) to authorised individuals only and provide the minimum level of access to applications, computers and networks to the rest of your staff, based on what they need for their tasks.

A second tip is to implement a secure configuration management process. Configure computers and networks to reduce the inherent vulnerabilities, and provide only the services required to fulfil their intended functions and nothing else.

Take a step forward

Cyber Essentials can help your company reduce cyber risks and prevent around 80% of Internet-based attacks, including insider and privilege misuse. All you need to do is align your cyber security measures to the five security controls required by the scheme, which are:

  • Secure configuration
  • Boundary firewalls and Internet gateways
  • Access control and administrative privilege management
  • Patch management
  • Malware protection

Achieving certification to the scheme is well within your reach: if you are able to implement the five security controls by yourself, you can get your Cyber Essentials badge for just £300 with our Cyber Essentials – Do It Yourself packaged solution. If you need a bit of help during the implementation process, then the Cyber Essentials – Get A Little Help packaged solution gives you tools and resources to tackle the process on your own. And last, if you need consultancy on the best course of action, the Cyber Essentials – Get A Lot Of Help is what you are looking for.
