Combat Insider Threats

Internal Risk Is Growing. It's Time to Protect Your Business from Malicious Insiders.

Insiders are responsible for 50-70% of all security incidents and 75% of all security breaches, according to Gartner. Not all insider threats can be stopped. But you can take concrete steps to reduce their frequency and impact.

What Are Insider Threats?

Insider threats include every type of security breach or policy violation that can occur when individuals are granted trusted access to organizational facilities, networks and information systems.
Structural Dependency
Inadvertent

Inadvertent

A naive finance clerk is tricked into transferring funds into a fraudulent bank account.
Structural Dependency
Exfiltration

Exfiltration

An engineer denied a promotion copies new product design documents to sell to a competitor.
Structural Dependency
Sabotage

Sabotage

An IT admin gets back at a supervisor by creating a backdoor to sabotage database servers.

Insider Threat Categories

Compromised Insiders Compromised Insiders Compromised Insiders
Compromised Insiders
Compromised insiders are often unaware that their systems, credentials or access privileges have been appropriated by an external threat actor. 
Careless or Negligent Insiders Careless or Negligent Insiders Careless or Negligent Insiders
Careless or Negligent Insiders
Negligent insiders cause harm inadvertently. Thirty-eight percent of data breaches are caused by employee carelessness, according to a report from the Ponemon Institute and Code42. And IBM attributes 24% of all data breaches to human error. 
Malicious or Criminal Insiders Malicious or Criminal Insiders Malicious or Criminal Insiders
Malicious or Criminal Insiders
Malicious insiders intend to cause damage via theft, sabotage or espionage. Ponemon attributes 45% of all data breaches to this group. Per incident costs can average $4 million annually.

Insider Risk Management Challenges

Detection of Insider Threats Detection of Insider Threats Detection of Insider Threats
Detection of Insider Threats
Potential insider threats look very much like their innocent colleagues. Rules-based systems cannot anticipate every threat scenario. SIEM solutions are only marginally successful at extracting actionable threat intelligence from masses of log data. 
Cybersecurity Resourcing Cybersecurity Resourcing Cybersecurity Resourcing
Cybersecurity Resourcing
Security teams contending with external threats are often poorly prepared to deal with internal ones. Issues include a lack of staff, budget, tools, expertise, insider risk response plans (IRRPs) and visibility into mobile and personally-owned devices.
Organizational Organizational Organizational
Organizational
Physical, network and data security are often managed separately. C-suite and board members are often unaware of their organization’s current insider threat posture. Many are only briefed annually, upon request, on an ad-hoc basis or not at all.
Productivity Productivity Productivity
Productivity
Security controls can cause undue business friction. Fifty-one percent of the IT security leaders surveyed by Ponemon acknowledge they receive daily or weekly complaints from employees who have mistakenly been prevented from accessing their work files.

Best Practices for Preventing Insider Risks

PREPARE

Have a Baseline of Your Threat Environment and Assess IRRPs

Compromise assessments can uncover previous incidents and set priorities for closing security gaps. Develop IRRPs and playbooks to build up incident response (IR) team skills.

PREVENT

Keep Insider Threats from Becoming Insider Incidents

Prevent endpoints from being compromised and stop risky behavior automatically with endpoint security solutions based on artificial intelligence (AI), machine learning (ML) and automation.

RESPOND

Minimize Damage by Accelerating Detection and Response

Short on resources? Forge retainer relationships with external IR teams and secure managed detection and response services to offload alert management.

Let Us Show You How to Combat Insider Threats

Resources

Structural Dependency
The Insider Threat Landscape
Read Blog
Structural Dependency
BlackBerry Persona
Read Data Sheet
Structural Dependency
BlackBerry Cyber Suite
Read More
Structural Dependency
BlackBerry Guard
Learn More