Internal threats: a cybersecurity issue for SMEs

May 13, 2025

This article will teach you more about:

  • What are insider threats?
  • Causes of Insider Threats
  • Cybersecurity issues for SMEs
  • How to limit insider threats

The majority of cyberattacks come from insider threats

Contrary to the popular belief that most cybersecurity threats originate externally, there is strong evidence that the primary focus should be on threats that arise within the organization's own workforce.

Indeed, a 2016 IBM report titled "An integrated approach to insider threat protection" indicates that 60% of cyberattacks are due to an intentional or unintentional action by an employee. Of this percentage, nearly 26% of security breaches are caused by a misstep by a company employee, while the other 74% are the result of a malicious act.

You might be surprised to learn that malicious actions by employees represent the biggest cybersecurity threat to businesses. The best example is undoubtedly the security breach suffered by the Desjardins Group in June 2019, when the credit union saw one of its employees steal the data of approximately 2.9 million customers.

This article will therefore aim to teach you more about the reality of internal cybersecurity threats as well as how you can counter these threats and strengthen your organization's risk tolerance.

Where exactly do insider threats come from?

Unfortunately, insider threats are the most difficult cybersecurity issue for managers to control. As you will agree, it's impossible to fully control the actions of employees. In addition, increasing connectivity and remote working increase the risks associated with insider threats. Thus, a single misstep by an employee can lead to a cyberattack that puts the company at risk.

There are a multitude of internal cybersecurity threats that businesses face. A Security Intelligence article outlines five different scenarios that can lead to a security breach at a company.

  1. Unresponsive employees: they do not absorb, whether deliberately or not, the content taught during cybersecurity workshops;
  2. Careless employees: they inadvertently make a mistake; they may be normally vigilant employees who are caught in a trap. Phishing is a very good example;
  3. Internal collusion: although rare, this form of threat involves a situation where an employee colludes with a cybercriminal to disclose information that will lead to a cyberattack;
  4. Persistent malicious employees: the majority (62%) of offending employees are not first-time offenders. At least, that's what a Gartner study claims. For example, they may be looking for additional income by trying to sell recovered data on the dark web;
  5. Vindictive employees: the same Gartner study mentioned earlier found that 29% of employees who left a company, whether for personal or non-personal reasons, stole data from the organization upon leaving.

The risks of internal threats for SMEs

As we often mention, the risks associated with cybersecurity are much greater for small and medium-sized organizations than they are for large companies. The latter have the means to invest as much in preventing as in recovering from a security breach.

It is quite different for smaller companies: 60% of businesses that are victims of a cyberattack will close their doors 6 months later.

The IBM article cited above estimates the cost of a cyberattack at US$4 million. Interestingly, this analysis takes into account costs related to lost revenue due to reduced business and loss of brand image.

Have you ever asked yourself whether you would be able to recover from a cyberattack?

How to minimize the risks associated with insider threats?

It is very difficult to prevent and monitor potential internal security breaches. However, by establishing a healthy corporate culture, properly training employees, and following a data access policy, organizations can significantly reduce their exposure to risk.

Establish a healthy corporate culture

This is a crucial step in your organization's cybersecurity. It's important to provide your staff with a healthy and transparent work environment that spreads trust at all levels of the company. The more an employee feels accountable and responsible, the less likely they are to decide to take action against their employer. Of course, there will always be dissatisfied people. Try to identify them and intervene before it's too late.

Provide adequate training to your employees

If employees represent the greatest risk to the organization, training is essential to make them aware of their actions. Simple cybersecurity best practices will save you a lot of headaches. Use specialized trainers and see this investment as more than just a cyberattack insurance policy.

Establish a data access policy

This last step is relatively simple. Adopt best practices that will reduce the chances of certain employees getting their hands on sensitive information or opening the door too wide. Grant only the necessary access to employees based on their roles and opt for temporary accounts through partnerships with external consultants.
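A data access policy is only useful if it is checked against the accounts that actually exist. The following is an added example, not code from this article or from Nexxo: a small periodic access review that flags access beyond what a role needs, temporary external accounts with a missing or past expiry date, and accounts of departed employees that are still enabled. The role names, field names and sample accounts are all constructed for illustration.

```python
from datetime import date

# Hypothetical role baselines: the access each role needs and nothing more.
ROLE_BASELINE = {
    "accounting": {"erp", "payroll"},
    "sales": {"crm"},
    "consultant": {"project-share"},
}

# Constructed sample export of an account directory (not real data).
ACCOUNTS = [
    {"user": "alice", "role": "accounting", "access": {"erp", "payroll"},
     "status": "employed", "expires": None, "enabled": True},
    {"user": "bob", "role": "sales", "access": {"crm", "payroll"},
     "status": "employed", "expires": None, "enabled": True},
    {"user": "carol", "role": "sales", "access": {"crm"},
     "status": "departed", "expires": None, "enabled": True},
    {"user": "ext-dan", "role": "consultant", "access": {"project-share"},
     "status": "external", "expires": date(2025, 3, 31), "enabled": True},
    {"user": "ext-eve", "role": "consultant", "access": {"project-share"},
     "status": "external", "expires": None, "enabled": True},
]

def review_access(accounts, baseline, today):
    """Return (user, finding) pairs for accounts that break the policy."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # disabled accounts grant nothing
        user = acct["user"]
        if acct["status"] == "departed":
            findings.append((user, "departed employee still enabled"))
            continue
        allowed = baseline.get(acct["role"], set())  # unknown role: nothing allowed
        extra = sorted(acct["access"] - allowed)
        if extra:
            findings.append((user, "access beyond role: " + ", ".join(extra)))
        if acct["status"] == "external":
            if acct["expires"] is None:
                findings.append((user, "external account has no expiry date"))
            elif acct["expires"] < today:
                findings.append((user, "temporary account past expiry"))
    return findings

if __name__ == "__main__":
    for user, finding in review_access(ACCOUNTS, ROLE_BASELINE, date(2025, 5, 13)):
        print(f"{user}: {finding}")
```

In practice the account list would come from an export of the directory or HR system, and the review would run on a schedule so that findings are handled before an account is misused.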

Nexxo can help you reduce insider threats

Whether you're training your staff on key security issues or collaborating with your management team to implement a data access policy, Nexxo can help. Do you have questions? Contact us today and we'll meet to assess how we can help you. Our initial consultation is free.
