Insider Threats

Abstract

Malicious insiders are posing unique security challenges to organizations due to their knowledge, capabilities, and authorized access to information systems. Data theft and IT sabotage are two of the most recurring themes among crimes committed by malicious insiders. This paper aims to investigate the scale and scope of malicious insider risks and explore the impact of such threats on business operations. Organizations need to implement a multi layered defensive approaches to combat insider risks; safeguarding sensitive business information from malicious insiders require firstly, an effective security policy that communicates consequences of stealing or leaking confidential information in an unauthorized manner. Secondly, logging and monitoring employee activity is essential in detecting and controlling system vulnerabilities to malicious insiders. Thirdly, conducting periodic and consistent insider vulnerability assessments is critical to identifying any gaps in security controls and preventing insiders from exploiting them. And lastly, but certainly not least, taking extra caution with privileged users is important to proactively protecting information infrastructure from insider risks.