The Silent And Very Damaging Threat Behind Organizations Firewalls
The Insider Threat
What Is Insider Threat? There are many definitions of Insider Threats. The example listed
below is one of many definitions.
The potential for an individual that will use their authorized or
unauthorized access, wittingly or unwittingly, to cause harm to the
organizations assets (Employees, Facilities, Data, Computer Systems, Networks,
Etc.), that can impact the organization through the loss or degradation
of organizational resources or capabilities.
Who Is An Insider?
Employees'
Trusted Business Partners / Sub Contractors
Any
Individual(s) With Trusted Access To The Organization Assets
Insider Threat Incidents Can Be Caused By
Just 1 Employee
Multiple Employees' In Collusion
Employees' In Collusion With External Cyber Criminals / Co-Conspirator(s)
Why Are Organizations So Vulnerable To The Insider Threat?
What Advantages Do Insiders (Employees') Have Over Cyber Criminals?
Insiders Have Authorized Access To An Organization Facilities
Insiders Have A Login / Password To Access Computer Systems / Networks
Insiders Know What Data In An Organization Has The Most Value And Where
It Is Stored
Insiders Have
Access To Financial Information / Bank Accounts And Know How To Exploit
Weaknesses To Their Benefit
Insiders Know The Security Weaknesses Of An Organization That Are
Overlooked, Ignored And Could Be Exploited For Malicious Purposes
Insider Threat Damages
The
damages caused to U.S. National Security and businesses by malicious
Insiders has been severe. Insider Threat incidents are usually not
covered in the news, and they happen a lot more frequently then most
people realize. Financial damages from Insider Threat incidents can be
in the MILLIONS To BILLIONS!!!.
Examples Of Damages / Impacts
Financial Loss (Loss Of Trade Secrets / Data Theft, Fraud Schemes,
Embezzlement, Etc.)
Operational Impact For The Organization To Execute Its Mission (IT /
Network Sabotage, Data Destruction, Sabotage To Facility, Etc.)
Theft Of
Organizations Assets
Legal, Compliance & Liability Impacts
Damages To Organizations Reputation
Loss Of Customers
Stock Price Reduction
Workplace Violence (WPV) (To Include Bullying / Sexual Harassment That
Turns Into WPV)
Workplace Culture -
Impact On Employees’
Employees Lose Jobs / Company Goes Out Of Business
And
More........
Insider Threat Incidents Reports Many employees come to work everyday with the best of intentions to
work hard and help their organization be the best it can be. But lurking
in the shadows could be Trusted Employees' on the verge of becoming
Malicious Insiders.
Some senior leaders in organizations may downplay or ignore the Insider
Threat problem, and may not want to invest any additional time,
resources or funding to support the development of an Insider Threat
Program.
In many cases upper management has not been briefed on how damaging
JUST 1 Insider Threat incident could be to the organization.
Ignoring or discounting the severity of the Insider Threat problem, can
end up causing very serious problems for an organization.
While some CEO's may look at an Insider Threat Program as a cost to the
organization, an Insider Threat Program should be looked at as proactive
program to protect the organization from serious incidents, financial
impacts or dire consequences caused by employees'.
The capabilities of a disgruntled or opportunist employee can be very
sophisticated and should never be underestimated. An employee can sit
silently and morph into the company's worst nightmare before they
realize the damages that have been done.
Some organizations invest thousands of dollars in securing their data,
computers and networks against Insider Threats, from primarily a
technical perspective, using Network Security Tools or Insider Threat
Detection Tools. But the Insider Threat problem is not just a technical
problem.
The
Insider Threat Incidents Reports (Produced Monthly) by the National
Insider Threat Special Interest Group (NITSIG), provide an EYE
OPENING view of the severe damages that are being caused by
Malicious or Opportunist employees'.
These reports serve as an excellent Insider Threat Awareness Tool to
educate CEO's, Key Stakeholders supporting the Insider Threat Program,
and the workforce on on the dangers of not reporting employees' who may
pose a risk or threat to the organization.
NITSIG
Mission / Overview
U.S. / Global Insider Risk Management Practitioners Alliance
The NITSIG was created in 2014 to
function as a National Insider Threat Information Sharing & Analysis
Center (ISAC), as no such ISAC existed.
The NITSIG membership (Free) is the
largest network (1000+) of Insider Risk Management (IRM) and
security professionals in the U.S. and globally. Our member’s
willingness to share information has been the driving force that has
made the NITSIG very successful. (NITSIG
Membership Application)
The NITSIG has been successful in
bringing together a diverse group of individuals managing and
supporting IRM Programs from: U.S. Government Agencies, Department
Of War, Intelligence Community Agencies, Critical Infrastructure
Organizations, Law Enforcement, Universities and Private Sector
Businesses, to enhance the collaboration and sharing of information,
best practices and resources related to IRM.
This has enabled the NITSIG membership
to be much more effective in protecting their organizations assets
against the severe impacts that can be caused by Just 1 Employee,
Multiple Employees In Collusion or Employees In Collusion With
External Co-Conspirator(s).
The
Mission Of The NITSIG Is To: 1) Create a dedicated forum for members to share
their expertise, share best practices and collaborate with others on
developing, managing, evaluating and optimizing an IRM Program.
2) Share IRM guidance to help organizations enhance their
capabilities related to the detection, response, investigations,
prevention and mitigation of Insider Threats.
3) Serve as an Educational Center Of Excellence for IRM and
provide: 1) An IRM Body Of Knowledge, 2) An IRM / IRMP
Framework.
4) Provide education and guidance to the membership via
reports, emails, in person meetings, webinars and other events. Many
members have even stated the NITSIG is like having a team of IRM
experts at their disposal FREE OF CHARGE.
5) Conduct comprehensive research and analysis on the Insider
Threat problem, and provide reports on emerging trends and the
convergence of Cyber Threat and Insider Threats.
6) Maintain a
NITSIG Advisory Board that is comprised of IRM
Subject Matter Experts that support government and business IRM
Programs.
Advisory board members will provide oversight, educational,
strategic, operational and tactical guidance to support the mission
of the NITSIG, and also help to facilitate building collaborative
relationships with individuals that manage or support IRM Programs.
National
Insider Threat Special Interest Group
Platinum Sponsors
The National
Insider Threat Special Interest Group
Is Not Affiliated With Or Endorsed By The
U.S.
Federal Government,
The Department of War Or Any
Intelligence Community Agency.