Each year, many information security incidents occur, and the majority of those were due to inside sources. The Prime suspects are employees and contractors with the privileged user access, says Sam Elliott, director of security product management at Bomgar. However, researchers also state that the insider threat is escalating rapidly and putting organizations at higher risk than the risk from hackers.
The Chief Executive officer:
When the higher level credentials are compromised, such as CEO, the more devastating losses could be. “Earlier this year, the FBI estimated that sophisticated scams targeting CEOs have cost companies $2.3 billion in losses in the last three years alone,” Elliott says. “These types of attacks on CEO credentials and information show that outside attackers will go after both the very top and the very bottom of an organization.”
The Executive Assistant:
As an executive assistant possesses much critical information that are ultimately used by an executive officer, it is highly critical to make sure that information is safe with executive assistant. No matter how small the information it is, it can be used against an organization. “In many organizations, executive assistants may hold lots of keys,” Elliott notes. “Often, they are allowed access to sensitive information on executives, processes and systems such as log-in information, financial information and high-level files. This makes them valuable targets for outside threats.”
The Former Employee or Vendor:
It has been much critical to maintain a database for the employees and vendors who are no more associated with the organization anymore. Moreover, their credential to access the organization’s information should be terminated as it can be posed a high security threat. “Without closing off this access, companies are vulnerable to an attack. A best practice is to eliminate these profiles to reduce the attack surface”, Elliott says.
The Social Media Manager:
Social media manager poses a higher security threat than other ordinary employees, as they are frequently connected and serving on social media apps, from which many are unsafe and a playground of malicious actors. Elliott explains, “Cybercriminals may seek access to a company by posing as a social media administrator who claims to need access to a system or other information.”
The Temporary Employee:
Nobody knows if the temporary employee has no intention to harm organization and is there for a good opportunity in the organization. So, they should also be treated as other employees for which continuous monitoring is done. Elliott says. “They are often provided temporary access to online systems like payroll and other portals where data is held, and may also be provided hardware such as laptops or mobile devices. These employees should be treated with the same security safeguards as any other workers.”
These are some fundamental positions of an organization that are greatest insider risks if their intentions are not good or are not following best security practices. The only way to overcome insider risks and threats is to implement continuous monitoring and defining access control for each level of employee to restrict their information usage.