The Insider threat – Not just a question of trust. (pt.1)

by
the insider threat

This article came about from a comment I made in What’s in your email?. I was asked how you spot the insider threat. The quick answer is you cannot. End of article, send for proofing!

OK let’s discuss the insider threat

First a quick and dirty definition of the “insider threat”:

Someone who betrays a trust either deliberately for some type of gain or accidentally through lack of training, over-sharing or lack of care. These actions lead to a compromise of the organisation’s information.

Trust

So here is the issue: for your organisation to produce widgets or service clients, or whatever you do, you will need to trust someone, somewhere, with valuable information.

Now I can hear the one-person companies jumping in now, saying, “there is only me, I do not trust anyone!”. But is that true?

Do you really do all the work yourself?

I had this discussion with a client and although they were a lone wolf, having shed staff members because of issues, they still sub-contracted work. They operated a loose “principle of least privilege” for those contractors – a good place to start when addressing the insider threat – but a shallow dig through the business process revealed that they were trusting more than they thought and there was a trust that could be betrayed.

What does your business continuity plan say will happen if something happens to you?

That is the question! You do not want clients asking you this if it is true and you really do not have anyone on the inside of your organisation. Because if no one is on the inside, you have no insider threat, but your clients do not have continuity of service if something happens to you.

Solve the insider threat – a starting point

It is not trusting people but sorting your information.

We have come to the end of today’s article so tune in next week for the explanation of data classification. And I have almost finished my coffee.

The Insider threat – Not just a question of trust. (pt.1) Cyber Awake
<em>Writing this article in a café BYOD in action<em>

For an explanation of that statement have a look at this article on Smart Thinking Solutions.

BYOD Bring-Your-Own-Device – A Primer (pt.1)


Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading

I have written about the insider threat before:

The Insider Threat – the threat landscape and the first steps… – CyberAwake

Back again, because that insider threat has not gone away… – CyberAwake

The Insider Threat – History is a Circle! – CyberAwake

Featured photo by Christina Morillo

Coffee photo by www.clivecatton.co.uk

Contact us for consultation

Wake up to cyber threats..

The Insider threat – Not just a question of trust. (pt.1) Cyber Awake
HQ Based between Newark and Lincoln

Get in touch

CyberAwake
Unit 2 Kingsley Court
Kingsley Road
Lincoln
LN6 3TA
United Kingdom

01522 508089

useful links

Website Cookies Icon

This website uses cookies to ensure you get the best experience on our website. Click for more information.

accept & Close