The digitization of the business ecosystem has generated new opportunities for growth and transformation of organizations across industries. This digital revolution has also introduced new risks to business operations as cybersecurity threats evolve and proliferate.
While organizations have long prioritized external cybersecurity risks, many are now considering the risks posed by trusted insiders due to the potentially greater damage they can cause. Consequently, organizations are beginning to recognize the importance of establishing controls to combat insider risks.
The most common insider risks include espionage, fraud, loss of sensitive business assets, sabotage and physical violence.
Several high-profile incidents attributed to insiders have contributed to increased awareness. Recent examples include theft of sensitive data from a leading technology company and sabotage of an automotive manufacturer’s operations. Regardless of industry, the impacts of insider incidents are potentially devastating—and financially steep. The average cost of insider incidents has climbed to $8.76 million, according to a study by the Ponemon Institute.*
Overall, cybersecurity has evolved from an information technology (IT)-centric function to an organization-wide risk management issue. While insider risk management is evolving in a similar way, current market adoption strategies emphasize use of additional tools and technologies to address insider risks without including the underlying principles of risk management.
* The Ponemon Institute, “2018 Cost of Insider Threats: Global Organizations,” April 2018.
** Crowd Research Partners, “Insider Threat 2018 Report,” 2018.
Insider Threats Impacting your Business
Insiders perpetrate five different types of malicious activity that will impact your business. On average, insider attacks cost more than external breaches because of the insider's knowledge of the environment and of the location of critical assets, or "crown jewels".
Sabotage: Deliberate destruction, damage, or obstruction, especially for political or military advantage. Example: An insider deletes backups and wipes the production database before leaving the company.
Our enterprise-wide approach to managing insider threat
Establishes the constitution of the program and ensures consistency with organizational culture, sets guidelines for consistent application, and creates structure for acting on ambiguous information.
Insider risk management programs often focus exclusively on implementing tools and technology without incorporating the necessary organizational, risk management, and cultural considerations. Without using those considerations to fine-tune the collection, the tools are not able to discern between relevant and non-relevant data, essentially searching for the needle in the proverbial haystack. Technology plays an important role, but is just one component of an effective program.
Culture should be considered when defining the program scope and goals. The program should protect the organization, people, and critical assets without being perceived as an overbearing authority or impeding the organization’s goals and operations.