Generic filters
Exact matches only
Filter by Custom Post Type

Businesses must be more vigilant to insider threats

The SANS Institute has recently released a report highlighting the dangers of insider threats for global organisations. The report focuses on the lack of safe guards in place in these organisations to prevent insider attacks. The results of the SANS insider threat survey showed that whilst 40% of respondents said malicious insiders would cause the greatest damage to their business, 45% of respondents admitted they didn’t know the scale of potential losses.

Insider attacks can be split into two categories; malicious insiders and unknowing insiders. Unknowing and accidental insiders are pawns for outsider attackers typically looking to steal confidential data belonging to the company. These attacks are difficult to track and can go unnoticed for months.

The report went on to explain that only 18% of respondents said they had formal incident-response plans that include insider attacks that may take place and 31% of respondents said they have no formal programme in place or preparations to deal with the threats posed by insiders.

Lily Davies says on behalf of the Fraud Defence Group:

This report once again highlights the lack of preparation in preventing, detecting and responding to insider attacks. It is becoming ever more important for organisations to undertake and implement a comprehensive risk assessment which carefully considers the risks which are unique to that organisation and business model. For example, medium to large sized organisations with several hundred employees that have access to the internet and which regularly communicate with external parties will have a different risk profile to a smaller company with fewer employees.

Whilst the risk can never be completely eradicated, careful preparation and effective training of staff is likely to have a huge impact on reducing the possibility of falling victim to an insider attack. In addition to this, ensuring that there are effective prevention, detection and reaction measures will also reduce the potential losses and maximise the chances of recovering those losses.

Martin Shobbrook, a Partner in Mishcon de Reya’s Fraud Defence Group says:

There needs to be a shift in thinking so that businesses no longer shy away from difficult and honest conversations about dealing with insider threats to their operations. Traditionally, companies have been reluctant to take legal action against those who cause the company loss for fear of adverse PR, particularly where it has arisen from the actions of a trusted and senior insider. However, the ever increasing levels of threats, both from within and outside of the organisation, necessitates that firm action is taken against wrongdoers to send a clear message to the work force that such action will not be tolerated. In my experience, this in turn will almost certainly discourage future wrongdoing against the company. The quicker a company responds to an attack, the better its chances of limiting and recovering the losses it may suffer.

It should not be forgotten that directors owe a duty to promote the success of the company and to act in the company’s best interests. Such duties include the obligation to carefully consider the advantages and disadvantages of pursuing wrongdoers and attempting to recover losses. Given the exponential rise in cyber-crime and the increased risk to business of attacks of an electronic nature, acting in the best interests of the company must surely now include making sure that the company has as robust a defence to cyber-attack as possible and a plan ready to be actioned in the event that the company becomes the victim of an attack.

Shaper: Matthew Januszek

Matthew Januszek is Co-Founder of Escape Fitness, a business committed to working with fitness clubs to deliver the best possible exercise experiences. Founded in 1998, Escape Fitness has built a reputation for product innovation, quality and design while growing and competing through great partnerships in multiple markets worldwide. From a garage gym to a global [...]


Jazz Shapers - 5 days ago

Shaper: Raoul Shah

Raoul Shah is Founder and joint CEO of Exposure, a creative communications agency that joins the dots between brands, culture and consumers.   Founded in 1993, the agency prides itself on long term client relationships (some of which span over 15 years), has won numerous awards (including Cannes Lions & D&AD), and remains one of [...]


Jazz Shapers - 2 weeks ago