The odds are an organization will be attacked by an external threat actor, according to most studies. Over the years, Verizon’s annual international data breach investigations report has shown on average two-thirds of data breaches come from nation-states, criminals or activists.
That means about one-third of breaches are blamed on insiders — defined as employees, contractors and partners — who have access to sensitive data.
To help CISOs face this threat Public Safety Canada has issued a 31-page guide called Enhancing Canada’s Critical Infrastructure Resilience to Insider Risk aimed at making it easier for infosec leaders to structure their defences.
Insiders can have a range of motives for acting, from greed to resentment. However, insiders are also the source of accidents (including clicking on malicious links in email, uploading unprotected data to the cloud for processing and sending data files to the wrong person) and misconfigurations leading to breaches. Last year Verizon figured errors by insiders were at the heart of almost one in five (17 per cent) of breaches.
The guide has eight recommended actions under three themes: Establish a holistic approach to security;…
