Is it Possible to Prevent Data Breaches Caused by Insiders?

Philip Robinson by   11.27.2018   Data Security

It’s no secret that businesses all over the world are struggling to tackle the security concerns posed by insiders. The insider threat is consistently found to be one of the biggest causes of data breaches for organizations of all shapes and sizes.

If your security strategy focusses on building walls to stop external threats from getting in, then your security strategy is back to front. If you’re not focussing first on the security of the data itself, then it’s only a matter of time before an insider is responsible for a crippling data breach.

It’s not hard to see why insiders might pose the biggest threat, as they already have access to your most valuable data. This means that if an insider wanted to misuse data, they could do so without raising immediate alarm. Data breaches caused by insiders, therefore, can go undetected for long periods of time – meaning the damages mount up.

Is Anyone Immune?

If history is anything to go by – no.

Over the last few years we have seen some huge insider threat related security breaches affect the biggest organizations. Even the most innovative and profitable organizations (with huge cyber-security budgets) fall victim to insider threats.

One example of this is when Tesla CEO, Elon Musk, announced that one of their privileged users had deliberately sabotaged Tesla’s manufacturing software systems and shared the company’s intellectual property with third parties. It is believed that the insider was motivated by the fact that they had not received the promotion they thought they deserved.

We don’t yet know what the repercussions to Tesla as a result of the insider threat will be, but it does teach us a valuable lesson. If you are not taking insider threats seriously and monitoring the activities of your privileged users, it’s only a matter of time before you pay the price.

The Shifting Paradigm

Fortunately, at least in some parts of the world, organizations are almost being forced to treat data security as a priority. Compliance regulations such as GDPR, HIPAA, SOX, PCI and the new California Consumer Privacy Act are all helping to bring data security to the forefront of business.

It’s no longer simply the IT team’s concern. Penalties for non-compliance can impact companies so heavily that all stakeholders have a vested interest in ensuring security best practices. This really is the only way to ensure that we can address insider threats moving into 2019. To be able to combat this threat requires awareness and focus throughout the entire organization.

How to Combat Insider Threats in 2019

I believe that 2019 will be the year of the insider threat. What I mean by that, is that the amount of insider threats will reach a tipping point where organizations will have no choice but to make data security a priority or face the consequences.

There are a number of ways organizations can immediately improve their security posture to ensure that they are ready to defend against insider threats.

The first thing you can do is ensure that all members of the organization know the value of data and the risks associated with poor cyber-security practices. The majority of insider threats are accidental or unintentional due simply to a lack of care or education around cybersecurity threats. Therefore, good education and accountability for cybersecurity could help to mitigate this.

The second thing you can do is to ensure that you are paying very close attention to what your most privileged users are doing with your data and your systems. You can do this by deploying a change auditing solution like LepideAuditor. This data-centric audit and protection (DCAP) solution enables you to place data at the heart of your security. With a solution like this in place, you’ll be able to discover where your sensitive data is, who has access to it and spot any unwanted changes taking place. Having an auditing and monitoring solution is probably the best way to ensure that you stay aware of the activities of your privileged users. It may also act as a deterrent to opportunistic users looking to abuse their privileges for personal profit. Knowing their activities are being monitored could help stop this from happening in the first place.

If you want more information on how LepideAuditor can help you detect and prevent insider threats, get in touch with one of our experts today.