The Verisade Library contains information about cyber security and Australian business, including information about threats, current controls and best practice, strategies and white papers.

The Insider Threat

Are you exposed to internal threats?

One of the most potentially damaging threats all organisations face is from trusted parties such as staff and business partners that have, or have had, access to company assets. Do you know where your organisation is exposed to this potentially devastating threat?

The CERT defines the insider threat as current or former employee, contractor or business partner who:

  • Has or has had access to an organisation’s network, systems or data; and
  • Could intentionally exceed or otherwise use that access to negatively affect the confidentiality, integrity, or availability of the organisation’s information or information systems.

It is important to examine and evaluate these threats as part of your security program. Common insider breaches include sabotage of ICT assets, theft of intellectual property and fraud. The focus of the perpetrator will tend toward the organisation’s mission or their specific role within the organisation; however, you can expect that banking and finance areas will see more fraud, ICT will see more sabotage, and research and development will see more IP theft.

One of the most graphic examples of the damage that can be caused by the insider threat is illustrated by the Snowden leaks. In June 2013, Edward Snowden came to international attention after disclosing thousands of classified documents that he acquired while working as an NSA contractor for Dell and Booz Allen Hamilton to several media outlets, causing significant damage to American and Australian intelligence operations. This is an extreme example, however a more common Australian crime is fraud. It is reported that over 30% of Australian incidents of fraud cost the organisations involved over $1 million dollars directly and indirectly.

Trusting your staff is imperative, but protecting against these internal threats can only be managed effectively through the assessment of risk and the devolvement of risk management plans. Verisade has developed threat and risk assessments, and risk management strategies and plans, that address these issues–reducing the potential of insider threat by supporting business processes and protecting organisational assets.