Insider threat has been a long-standing concern among businesses, and there are important considerations from both an operational and a security perspective in managing, mitigating and responding to the risk appropriately.

This isn’t strictly limited to those currently in the business; former employees, whose accounts and access may not have been fully revoked, are part of the picture too.

Insider threat is defined as any type of threat, whether accidental or intentional, caused by an individual or party from within the organisation. It is not limited to “malicious activity” either: it also covers the weaknesses, such as careless handling of data or credentials, that external attackers can exploit to gain access to data or systems on the network.

According to statistics published by Fortinet, the biggest perceived risks posed by insider threat are inadvertent data breaches at 71 per cent, often caused by careless or accidental user interaction with data; negligence at 65 per cent, caused by employees purposely ignoring company policy; and malicious data breaches at 60 per cent. Note that these incidents are not always malicious; more often they point to a wider issue around training, awareness, security protocols and system administration.

The functions most frequently targeted by attackers are finance at 41 per cent and customer support and success services at 35 per cent, closely followed by R&D at 33 per cent.

Incidents range from something as simple as an employee sending an email chain to the wrong recipient, all the way up to an insider granting network or system access to an external party without authorisation.

It is important to recognise each of these risks, ideally as entries in your business security risk register, and to identify the policy, process and physical countermeasures that reduce, mitigate or eliminate each one individually.

Reducing the attack surface of your organisation is part of a wider operational change, but with co-ordination, acceptance and a willingness to address these concerns, the right changes can be implemented with little impact on business function.