Orphan accounts are accounts that provide access to corporate systems, services and applications but do not have a valid owner.
5 tips to successfully defend your business against internal cyber threats
An internal threat is the risk that somebody inside a company exploits a system in a way that causes damage or leads to stolen data.
It’s a well-known statistical fact that in murder cases, the perpetrator is often someone the victim knew in person. The same goes for cyberattacks and data theft: according to IBM’s X-Force Threat Intelligence Index Report, up to 60% of cyberattacks may be due to insider threats…
Given this remarkably high figure, it is not surprising that more than 50% (!) of the organizations surveyed have had to deal with an inside cyberattack in the past 12 months.
Malicious intent (with or without)
Even though most companies are well aware of inside cybersecurity threats, they are often reluctant to dedicate the necessary resources and/or executive attention to solving the matter. This is because it’s tempting to underinvest in combating cyber threats, as the solutions are often less tangible than those in other cyber areas. Furthermore, many companies feel embarrassed about insider threats – after all, it’s a discomforting idea that danger could come from your own staff – and are therefore inclined to minimise the problem.
Recent reports show that more than half of the inside threats are not caused by malicious employees, but rather by accident or negligence. On top of that, even malicious insiders do not always seek to harm the company. In many cases, they are simply motivated by self-interest.
Some best practices to reduce internal threats
Regardless of whether an internal cyberattack is due to malicious intent or not, the following best practices can help to reduce the risks:
- Research potential employees before you hire them. A background check doesn’t need to be complicated, nor expensive. A call to their previous employers, plus a basic Google and social media check can help you quickly spot ‘risky’ applicants.
- Organize cybersecurity training sessions and make attendance mandatory. Don’t forget to schedule training update sessions – at least annually – to keep employees aware of changing technologies and threats. In other words: arm your employees and ensure they are an asset to your security, rather than a threat.
- Be aware of suspicious changes in an employee’s behavior. If he or she starts wearing exclusive watches or jewelry, or starts staying late at work or walking in during the weekend, something fishy might be going on…
- Install an employee monitoring solution to get a warning when a staff member, for instance, opens all the company’s client data within a few minutes or starts downloading large amounts of sensitive data.
- Make sure your employees use unique complex passwords that are not shared with other accounts. Also limit the use of shared accounts.
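The monitoring tip above describes two conditions: a user opening many client records within a few minutes, and a user downloading a large amount of data. The following is an added example of that rule, not code from Elimity or from any monitoring product; the log format, the thresholds and all names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample access log: timestamp, user, record id, bytes sent.
SAMPLE_LOG = """\
2024-03-04T09:00:05 alice client-001 2048
2024-03-04T10:02:00 alice client-002 4096
2024-03-04T09:10:00 bob client-001 1024
2024-03-04T09:10:20 bob client-002 1024
2024-03-04T09:10:45 bob client-003 1024
2024-03-04T09:11:10 bob client-004 1024
2024-03-04T09:11:30 bob client-005 1024
2024-03-04T11:00:00 carol export-a 30000000
2024-03-04T11:00:40 carol export-b 30000000
2024-03-04T13:00:00 dave client-001 1024
2024-03-04T13:07:00 dave client-002 1024
2024-03-04T13:14:00 dave client-003 1024
2024-03-04T13:21:00 dave client-004 1024
2024-03-04T13:28:00 dave client-005 1024
"""

def parse(log):
    """Yield (timestamp, user, record, size) tuples from the assumed log format."""
    for line in log.strip().splitlines():
        ts, user, record, size = line.split()
        yield datetime.fromisoformat(ts), user, record, int(size)

def detect(events, window=timedelta(minutes=5), max_records=4, max_bytes=50_000_000):
    """Return {user: reasons} for users who exceed a threshold inside any window."""
    recent = defaultdict(deque)  # user -> events still inside the sliding window
    alerts = defaultdict(set)
    for ts, user, record, size in sorted(events):  # process in time order
        q = recent[user]
        q.append((ts, record, size))
        while q and ts - q[0][0] > window:  # evict events older than the window
            q.popleft()
        if len({r for _, r, _ in q}) > max_records:  # distinct records, not raw hits
            alerts[user].add("many-records")
        if sum(s for _, _, s in q) > max_bytes:
            alerts[user].add("bulk-download")
    return dict(alerts)

if __name__ == "__main__":
    print(detect(parse(SAMPLE_LOG)))
```

With the default five-minute window, `bob` and `carol` are flagged while `dave`, who opens the same five records spread over half an hour, is not; the window length and thresholds decide what counts as normal work and need tuning per role.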
While businesses take cyber security more and more seriously, it is clear that there are still things that are often overlooked. When forming a security strategy, companies should take into account all possible threats, both from the outside and the inside. On top of that, it is important to look at security threats not only as attacks with malicious intent, but also as unlucky accidents that could happen. Taking this into consideration when forming a multi-layered defence strategy could make a huge difference for your company.
Elimity designs sophisticated – yet easy to use – identity analytics software, which helps you to significantly reduce the risks of internal threats, while making sure you remain compliant with local and international laws.