We still need to remember insider threat

News and information from the Advent IM team.

A blog by Ellie Hurst, Head of Marcomms and Media @ Advent IM

News reaches us every day of hacks, third-party security breaches, and supply chain vulnerability exploitations that impact entire business ecosystems. But we must never forget that some of the most challenging threats can come from our insiders.

Insiders may be employees, contractors, temporary workers, or partner businesses that are on the inside of our networks, trusted to adhere to policies and procedures. Third parties involved in breaches could potentially be considered insiders, and given the level of unrestricted access some businesses allow their suppliers and third parties without sufficient governance, you could be forgiven for thinking all third parties are insiders. (According to the Ponemon Institute, 44% of businesses have had a recent third-party breach, and 75% of those were caused by too much privileged access.)

This week we learned that in Spain, two nuclear power workers were arrested for ‘cyberattacking the radiation alert system’ of the nation’s nuclear power plant network in 2021. At the time of writing, there is no explanation for why they did this, and we do not yet know what roles they have within the organisation or their resulting access levels.

What we do know is that they either were given access or gained access to the radioactivity alert network, and through a series of actions were able to drastically reduce the system’s ability to detect surges in radiation levels through its sensors. No need to point out how serious a situation that could have become.

We have seen insiders go rogue before now; there was a time you could not open a newspaper website without reading about Edward Snowden and the results of his activities. This, however, is a new level of danger, and the possibility that people could have come to harm is a sobering thought.

Vetting personnel is a longstanding and accepted part of HR security, but pastoral care is not always part of security strategies. Knowing the state of mind of a person at one point in time is only helpful at that point in time. A new day brings new challenges, new situations and influences, and without a program of pastoral care that involves people looking out for each other and spotting when someone’s attitudes, affiliations, or associations change in a bad way, people can become vulnerable to coercion and an organisation may have no idea. Pressure being brought to bear through blackmail or an ideology or political system needs to be considered as part of an ongoing system of care for employees. Finally, and though we may be loath to admit it, our people may just have stopped loving us, and, just like a jilted lover, there is nothing more dangerous than a disaffected, disgruntled insider with privileged access.

Talk to us about HR security and supply chain assurance as part of your organisation’s security strategy.

 

 
