Since the start of the pandemic, insider threats have been on the up. In fact, a report this year by Cybersecurity Insiders suggests they have increased 57% over the last 12 months.
The reasons behind this rise are many and varied, but one of the key challenges insider threats present is that they are genuinely hard to detect. Unlike external attackers, insiders already have legitimate access to your organisation’s systems, networks and data, so their activity rarely trips the controls built to keep outsiders out.
They also come in various shapes and sizes, so there isn’t necessarily a single profile to work with, although they do tend to fall into two distinct types:
The Negligent Insider
Negligent insiders have no malicious intent. They make mistakes that result in sensitive data being inadvertently lost or leaked, or even in entire systems being taken offline, disrupting the business in the process.
Phishing and spear-phishing attacks, for example, have increased since the pandemic started, and although they originate outside the organisation, they succeed only when someone inside acts on them. At Australian National University, a senior staff member was tricked into clicking on a malicious link, and the incident led to a significant amount of personal staff and student data being stolen.
Another common error is sending an email to the wrong recipient. In mid-2019, for instance, the private health details of 24 NHS employees were exposed after someone in the HR department sent an email containing them to a team of senior executives.
The Malicious Insider
Malicious insiders knowingly and intentionally steal, leak or sabotage company information and systems, generally for financial gain, to obtain a competitive advantage, or because they hold a grudge.
Examples here include Christopher Dobbins, who after being let go from a US-based medical device packaging company in early March 2020, used a fake account to edit and delete other user accounts. Doing so disrupted the firm’s supply chain, causing delays in the delivery of PPE to healthcare providers.
In September 2020, meanwhile, a Nevada court charged Russian national Egor Igorevich Kriuchkov with conspiracy to intentionally cause damage to a protected computer. He was accused of offering an employee of Tesla’s Nevada Gigafactory $1 million to introduce malware into the company’s network via email or a USB drive so that data could be extracted from it. Fortunately, he was caught before any harm was done.
How to tackle the problem
As difficult as it can be to identify exactly who the organisation’s biggest insider threats are, the consequences of failing to deal with them adequately can be disastrous, not least in terms of the cost of cleaning up afterwards and the damage to the company’s reputation.
So what are the best ways to tackle this challenge?
Improve your IT and security infrastructure
On the one hand, organisations can improve their IT and security infrastructure and ensure that everything is patched and up to date. While this is absolutely necessary, it can be a slow and costly process, and it does not directly address the ‘human’ element of insider threats.
Train your staff to recognise insider threats
On the other, staff training can be offered both to reduce the risk of accidental errors and oversights and to ensure employees are aware of possible warning signs and know how to report them. Though certainly worthwhile, it is difficult to keep employees constantly up to date with the latest cybersecurity issues, and with the new techniques employed by malicious insiders in particular.
Start with the hiring process
In order to make the biggest impact, however, it makes sense to minimise the risk of insider threats in the first place by starting with the hiring process.
Conducting thorough background checks can identify job candidates who have:
- A criminal record or dubious credit history;
- Been dismissed from former roles for misconduct or negligence;
- Lied about or misrepresented their qualifications and employment history;
- A history of disputes or litigation with previous employers.
Tips for effective background checking
Undertaking such checks is particularly important in fields such as IT, finance, procurement and HR, where workers have greater than usual access to sensitive systems and data.
Our top tips for effective background checking include:
1. Ideally, checks should be conducted not only during the recruitment process but also periodically over the course of the employee’s tenure.
2. Extra care should likewise be taken when screening contractors, especially if the organisation relies heavily on outsourced skills in functions such as IT.
3. Any background checks must be proportionate to the role in question, and if rescreening or continual screening is to become the default for certain employees, an expert should always be consulted to help you understand the legal implications.
Use a background checking service to protect your business
Need a reliable employee screening service to improve the quality of your hiring and reduce the risk of insider threats? Find out more about our background checking solutions.