Insider risk is not just about bad actors. Most of the time, it’s about mistakes. Someone sends a sensitive file to the wrong address, or uploads a document to their personal cloud to work from home. In many cases, there is no ill intent, since many insider incidents are caused by negligence, not malice.
Still, malicious insiders can be devastating. Some steal intellectual property, others are bribed or pressured by outside groups to plant ransomware, exfiltrate trade secrets, or shut down operations.
The impact of insider risk is being felt across an organization and is no longer limited to the cybersecurity team. 86% say an insider event would impact company culture, according to Code42.
Detection is not enough
Businesses that appropriately restrict data are twice as likely to avoid insider attacks, according to Zach Capers, senior security analyst at Capterra. Organizations should apply the principle of least privilege, ensuring employees have access only to the data necessary for their job. Highly privileged users should be closely monitored, and the use of administrative rights should be kept to a minimum.
It is tempting to rely on tools. Modern platforms can…
