Many organizations still believe the definition of an insider threat is limited to a rogue employee purposefully leaking embarrassing information, or nuking a couple of systems when he or she quits and walks out the door with internal or customer data to take to a new job. But not all insider threats have to be malicious to cause an incident.
Perhaps someone on your marketing team wasn’t aware of their regulatory obligations in handling customer information and handed over a large dataset to a third party processor. In some regions, if the company didn’t get an explicit opt-in from the customer to allow that third party to handle the data, it could be considered a security incident. Or what if someone on the HR team left a flash drive in the lunch room containing personal health information, and that info gets disclosed to other employees? Sure, it may not have been intentional, but it was still an incident caused by an insider.
Insiders have been behind several significant data breaches, yet many CISOs focus only on keeping the bad guys out, instead of looking within their own company.
Read how organizations can minimize insider threats through a robust and evolved security strategy, on Help Net Security.