<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1033252670099820&amp;ev=PageView&amp;noscript=1">
New Call-to-action

When Trusted Insiders Go Bad

› › › BACK TO THE BLOG

[fa icon="calendar"] Aug 19, 2016 12:47:25 PM / by WALLIX

data-leakage-privileged-users-cybersecurity-insider-threat.jpg

A recent survey conducted by Gartner of 186 participants released in May 2016 exposed that the main motivation of trusted employees and contractors (insiders) leaking privileged information is financial. 

Called “Second Streamers” these insiders defraud their employers by circumventing internal controls, stealing digital assets such as privileged data or intellectual property, gaining financial advantage or other benefits. This information also drew from 140 actual incidents.

 

So Is The Landscape Improving…

At 62% of all responses, this is an alarmingly high number and shows that these second streamers motivations to obtain financial gain through trading internal data is real and prevalent. Common situations involve direct fraud or broader motivations including providing suppliers with information that undermines the organisation’s negotiating power.

With the Gartner report in mind and looking back at how this threat has increased, in 2007 a KPMG study found that just 4% of all reported cyber-attacks were caused by malicious insiders, but only three years later, that number had risen to 20%.

 

Motivations…

The actions of an individual accessing and taking data from inside an organisation while only operating with what was defined as “low-level” access must make businesses reconsider how access to systems is controlled and monitored. It’s almost impossible to attempt to identify every motivation that could drive an insider to act against an organisation they’re a part of. That said, we do have enough evidence from our entire human history to know that generally it will come down to these three:

  • Money
  • Ego
  • Ideology

Taking these threats seriously should be motivation enough for business to implement the appropriate technology to control access to critical core systems. Compliance and industry specific regulations should also be a key consideration for businesses to demonstrate control over their most precious asset.

 

What To Look For In A Credible Solution…

A robust Privileged Access Management system will remove the risk of data ending up in the wrong hands and should have the following attributes embedded:

  • Secure privileged passwords in a certified vault, allowing you to hide or reveal, to generate or change target passwords with full confidentiality
  • Ensure that only authorised users are able to access powerful privileged accounts
  • Prevent users from being able to elevate privileges without authorisation
  • Establish strict accountability over the use of privileged accounts by tracking who accessed what accounts and what actions were taken
  • Improve forensic analysis and contribute to regulatory compliance by generating a detailed, tamper-proof audit trail of all privileged account activity
  • Rapidly detect and alert on anomalous activity that could signal an inside attack in-progress

Our WALLIX AdminBastion (WAB) Suite has therefore been designed not only to deliver complete visibility to privileged user activity and therefore mitigate risks relating to privileged access, but to do so in the simplest, most intuitive way thanks to an unobtrusive and rapid deployment.

Get Access to our White paper : Privileged Access Management Solution

Topics: Preventing Insider Threat

WALLIX

Written by WALLIX