A large number of cyber security risks to businesses come from within.
Insider threats come in two variations. The first is the malicious threat where an employee, former employee, contractor or business associate deliberately bring harm to an organisation. A good example is someone with insider knowledge of the organisations security systems hacking or exploiting said systems. Normally, the perpetrators of malicious insider threats are disgruntled employees.
The other form of insider threat is accidental. An employee may in-avertedly open a malicious email that then spreads malware throughout the organisations computer systems.
People are arguably one of the weakest and easiest links to break in any organisations infrastructure. The social media information outburst, the blurred lines between corporate and home devices and often the lack of policy and procedures around the actions employees are allowed to take, all combine to create the opportunity for critical data cracks, which attackers are just one step away of utilising to penetrate a system.
CultureMetrics offers senior managers and executives the ability to monitor the internal culture of their organisation. It identifies management practices that risk fostering negative and counter-productive employee behaviour including sabotage, fraud, excessive risk-taking and disregard for corporate compliance. CultureMetrics provides early warning of dangerous management practices, to enable corrective measures to be taken before potential problems turn into actual financial and reputational loss. For more information on CultureMetrics and how it can help counter insider threats click here.
In essence, tackling insider cyber threats requires investment in education of staff at all levels.
Business leaders should sign themselves and their staff up to take PGI Cyber’s Cyber Security Awareness Course (CSA) which provides a comprehensive syllabus for protecting your own and your businesses online identity. For more information click here.