It sounds sinister. But if your business’s IT is breached, chances are high it’ll be caused by someone on the inside.
Someone who works for you. No, I’m not joking.
Insider attacks are on the rise. In fact, 68% of organizations say that insider attacks are becoming more frequent.
But there’s no one working for you that would be that dishonest, surely? Probably not. But not all insider attacks are malicious.
It only takes one person to click the wrong link on a bad email. And that can cause an accidental breach. Which would be classified as an insider attack.
Negligent staff who ignore your policies may also cause a breach. Again, this may not be done out of spite.
I’ve seen cases where business owners are so uptight about security, they make employees jump through many hoops just to complete the simplest of tasks. Those employees are driven to find ways to bypass security and make their lives easier.
It really is possible to go too far with security measures. It’s always about finding the right balance.
To avoid an insider attack, there are two things you must do:
- Give your people regular cyber-security training to make sure that innocent or naive clicks don’t cause disaster
- Protect your data as much as you can, without making your team unproductive. Give people access only to what they need, and make sure everything is backed-up
Would you like us to assess the risk of an insider attack on your business?
Give me a call on 703-204-2958