Malware, ransomware, phishing and viruses get so much attention in the media, from the public and even from IT staffs working to keep their environments secure. WannaCry is the biggest cybercrime story of the century, and will likely hold on to that title until the next external-threat-based incident makes the news.
Because it simply makes more sense. It’s easier to imagine a lone hacker sitting in a basement, targeting a business with their home-brewed cyber weapons than it is to think about what a disgruntled employee might do once they build up the nerve.
Yet, in a recent study conducted by research firm, Clearswift, 42% of all IT security incidents occur as a result of employee actions. According to the Ponemon 2018 Cost of Insider Threats Report, negligent staff account for almost 2/3 of the all insider breaches; yet the cost of impact is 3X more expensive when the internal attack is intentional or malicious.
Malicious Employees (and the Damage They Cause): It’s NOT A Myth!
No one wants to believe that Johnny or Susan are anything other than honorable people. They attend company functions, engage at the watercooler and add a lot during brainstorming sessions. Yet, one is being paid by an industry rival, and the other is just resentful that another staffer makes more money. Unfortunately, both have far more access than they should for their roles in the company, access that allows them to steal or delete data or create havoc in the EUC (end user computing) environment. Consider these statistics from the Ponemon study:
- The average annual cost of insider incidents totals an average of nearly $9 million
- Individual incidents averaged $513,290 including costs from monitoring, investigation, escalation, incident response, containment, ex-post analysis and remediation
- It took an average of 73 days to contain incidents with only 16% resolved in less than a month
Why Are Insider Threats So Damaging?
There are a number of factors that contribute to the frequency, damage and potential of malicious insider threats, but the three key aspects are:
- Depending on how duties are assigned, what form of supervision is present, and how often employee (or even ex-employee) work is audited, the damage they cause can take a long time to discover. Often, the longer it has been since it was done, the harder the damage is to reverse.
- Once discovered, the response can be difficult to execute. The employee in question can often easily claim it as a mistake, or (and again, depending on the division of labor and supervision) can even appear to be doing their job as usual if they’re considered the “expert” in that work.
- In any case, poor management policies usually leave the door open for disgruntled employees to do damage. Low-level staffers given admin access, third-party vendors provided with authority for data they don’t actually need, and login credentials for recently terminated staff members are all common and dangerous occurrences.
While malicious staff can be the most difficult threat to guard against, moving your EUC environment to CloudJumper can eliminate the issue all together. We maintain a multi-faceted security approach that includes physical and virtual security measures, and threat pattern analysis. If you would like to learn more, check out our infographic and white paper both title, 7 Habit of Highly Effective EUC Environment Security…in the cloud.
This is just one of the many benefits of working with CloudJumper and our Cloud Workspace® Management Suite software. Regardless of whether a disgruntled employee tried to wreak havoc on their way out, or an absent-minded staffer accidentally caused some data loss, we have them covered. Contact us today. Hello@CloudJumper.com or 844.645.6789. Follow us on social media: Twitter | Facebook | LinkedIn.