The insider threat comes in many forms: it might be a disgruntled former employee seeking revenge, or a current employee who is dissatisfied with their job or curious about sensitive information, among many others. According to the 2016 Study on the Insecurity of Privileged Users, sponsored by Forcepoint and published by Ponemon Institute, professionals like database administrators, network and IT coordinators, and cloud custodians often use their privileged rights inappropriately, resulting in insider abuse.
Curiosity and lack of control are the triggers for insider abuse
74% of the IT professionals interviewed said that those with privileged user access think they are empowered to access all the information they can within their rights. 66% of respondents believed that curiosity is one of the triggers for such dangerous behavior, together with the company’s lack of privileged access management: 58% of IT professionals claimed companies assign access rights that exceed what’s required by the role and its inherent responsibility.
1 in 5 have privileged access rights for no reason
21% of respondents admitted having privileged access even though they don’t need it to do their job, and the reasons they gave will astonish you:
- Because other colleagues at their level had those privileged rights (43%).
- Because the company didn’t revoke their user access rights when they changed their role or no longer needed them (34%).
It’s clear that part of the blame lies with companies and their inefficiency in establishing and maintaining a sound policy for access control and the management of administrative privileges. Implementing an ISMS (information security management system) based on the ISO 27001:2013 international standard can help companies mitigate insider abuse.
All organizations are vulnerable to insider abuse, either malicious or unintentional, affecting reputation, operations, and profitability through the exposure and disclosure of sensitive data. The brand new book from ITGP, Insider Threat – A Guide to Understanding, Detecting, and Defending Against the Enemy from Within, goes deep into the matter, identifying different forms and motivations behind insider abuse, as well as providing best practices and tips on how to establish an insider threat program.