Companies and organizations tend to focus on external threats to their network infrastructure. A rising threat is the disgruntled insider. Companies and organizations need to give equal attention to physical security technologies and information security practices.
Although insider sabotage is among the top three security threats companies face, 35% of chief information security officers in the US still lack the best practices to handle it properly, as quoted in Dark Reading.
To mitigate the risk of an insider gaining and keeping control over most of the corporate environment, senior leadership and executives should have strict controls and procedures in place to measure the performance of all divisions, projects and programs, as well as the personnel within those areas. Beyond the social aspects, executive leadership should have detailed visibility into all information security projects. Information security needs to be one of the first lines of defense against insider threats. An effective termination policy should be created and correct user access controls should be deployed to deter insider sabotage. To limit the risks of insider sabotage and user error, companies must also establish strong policies and protocols, and restrict the ways employees use equipment, infrastructure and privileges inside the company network.
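The termination policy and access-control points above translate into a concrete, repeatable check: reconcile the HR list of terminated employees against a directory export and flag accounts that are still enabled, were used after the termination date, or still hold privileged group membership. The script below is an added example written for this summary, not code from the article or from Dark Reading; the account records, termination dates and group names are constructed sample data, and the 90-day dormancy threshold is an assumed policy value.

```python
"""Offboarding reconciliation check (added example; all data is constructed).

Compares an HR termination list with a directory export and reports
accounts that violate a termination policy or have gone dormant.
"""
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional


@dataclass(frozen=True)
class Account:
    username: str
    enabled: bool
    last_login: Optional[date]   # None means the account has never logged in
    groups: tuple


# Constructed sample: HR system's termination records (username -> last day)
TERMINATED = {
    "jdoe": date(2024, 1, 15),
    "asmith": date(2024, 2, 1),
}

# Constructed sample: directory export of user accounts
ACCOUNTS = [
    Account("jdoe", True, date(2024, 1, 20), ("VPN-Users", "Domain Admins")),
    Account("asmith", False, date(2024, 1, 30), ("VPN-Users",)),
    Account("bwong", True, date(2024, 2, 10), ("Finance",)),
    Account("svc_backup", True, None, ("Backup-Operators",)),
]

# Assumed list of groups that grant elevated privileges
PRIVILEGED_GROUPS = {"Domain Admins", "Backup-Operators"}

# Date the report is run (fixed so the sample output is reproducible)
REPORT_DATE = date(2024, 6, 1)


def find_offboarding_gaps(accounts, terminated):
    """Return (username, reason) pairs for terminated users whose access was
    not fully revoked: still enabled, used after termination, or privileged."""
    findings = []
    for acct in accounts:
        term_date = terminated.get(acct.username)
        if term_date is None:
            continue  # current employee, not in scope for this check
        if acct.enabled:
            findings.append((acct.username, "still enabled after termination"))
        if acct.last_login is not None and acct.last_login > term_date:
            findings.append((acct.username, "login recorded after termination date"))
        priv = set(acct.groups) & PRIVILEGED_GROUPS
        if priv:
            findings.append((acct.username, f"retains privileged groups: {sorted(priv)}"))
    return findings


def find_dormant_accounts(accounts, today, max_idle_days=90):
    """Return enabled accounts with no login within max_idle_days (or ever).
    Dormant accounts are candidates for disablement under least privilege."""
    cutoff = today - timedelta(days=max_idle_days)
    return [
        a.username
        for a in accounts
        if a.enabled and (a.last_login is None or a.last_login < cutoff)
    ]


if __name__ == "__main__":
    for user, reason in find_offboarding_gaps(ACCOUNTS, TERMINATED):
        print(f"OFFBOARDING GAP: {user}: {reason}")
    for user in find_dormant_accounts(ACCOUNTS, REPORT_DATE):
        print(f"DORMANT: {user}")
```

Run against a real export, the two functions would take the HR feed and the directory export as inputs; the value of the check is that it is scheduled and its findings are reviewed by someone outside the team that provisions access, so a single administrator cannot quietly retain an account for a departed user.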
According to Luana Pascu, writing for Dark Reading, insider sabotage - whether by a former employee who still has network access and is bent on sabotage, a careless staff member who clicks on phishing links when using company devices, or even a contractor or associate - can be particularly devastating because it is usually not detected until the damage is done. She also outlines further steps CISOs should take to avoid insider sabotage.
Summarized by Rupal Talati.