Cybersecurity

Managing insider threat

  • Share

The financial, reputational and regulatory impact of having an organization’s critical assets stolen or damaged can be catastrophic.

Anyone with trusted access can exploit the vulnerabilities that protect critical assets, causing millions of dollars of damage. To mitigate this risk, organizations should establish a program to protect their critical assets from insider threats.

An insider threat is when a current or former employee, contractor or business partner, who has or had authorized access to an organization’s network systems, data or premises, uses that access to compromise the confidentiality, integrity or availability of the organization’s network systems, data or premises, whether or not out of malicious intent.

Insider threats can include fraud, theft of intellectual property (IP) or trade secrets, unauthorized trading, espionage and IT infrastructure sabotage.

Although technology can play an important role in identifying potential insider threats, it is not just an IT issue. It takes an enterprise-wide approach — including many human elements — to plan for, prevent, detect, respond to and recover from insider threats.

Managing insider threat risk should be part of a holistic corporate security program, from both information security and physical security perspectives. However, there are unique information security challenges that must be addressed.

These challenges lie in the fact that the threats created by insiders are hidden in plain sight and are therefore difficult to detect. For example, they:

  • Do not need to “break in” because they already have access and knowledge pertaining to the location of critical assets
  • Are within an organization’s confines, so their illicit activities are harder to detect via traditional signature-based detection than an external attacker

Click here to access the replay of webcast, “Managing insider threat: a holistic approach to managing risk from within.”

For the presentation, please download here.

Click here to access the replay of webcast, “Managing insider threat through the lens of a seasoned investigator.”

For the presentation, please download here.

For more details about EY Insider Threat Services, please contact the following individuals:

Lou Bladel, lou.bladel@ey.com
Kevin Jacobsen, kevin.jacobsen@ey.com
Geoff Tremain, gtremain@uk.ey.com

EY Cybersecurity - Managing insider threat Download