The Enemy Within

Have you ever heard the phrase "the enemy within"? In today's business world, the enemy within is a very real threat and it is imperative companies understand the potential for insider attacks, and what they can do to protect themselves from this insidious danger. 

Insider threats are malicious or unintentional threats from someone within the organization, such as an employee, contractor, or business partner. These are generally trusted individuals with access to sensitive data and systems, opening significant risk to the business's cybersecurity.

For medium-sized companies, insider threats can be particularly devastating. These businesses may believe they are too small to be an attractive target for cybercriminals, or they may not have the same resources as larger organizations to detect and respond to insider threats, making them more vulnerable to attacks.

Beneath the headlines of the well publicized large scale cyberattacks on a major corporation, you have heard of the attacks on Target, Tesla, and Morgan Stanley, are hundreds of small and medium sized businesses struggling to recover from the potentially devastating effects of insider threats. For example, in 2021, the City of Saint John, New Brunswick, Canada, experienced an insider threat attack when a former employee gained unauthorized access to the city's IT systems and deleted critical data. The attack caused significant disruption to the city's operations, including the cancellation of several public services. Or in 2019, a former employee of Metal Shark Boats, a Louisiana-based boat manufacturer, was charged with intentionally damaging the company's computer systems by installing malware. The malware caused the deletion of numerous files, resulting in a loss of critical business data and costing the company over $120,000 in recovery expenses. And in 2018, a former employee of Annapolis Pain Management, was indicted for stealing confidential patient data from the company's systems. The employee stole the data with the intention of using it to solicit patients for a competing healthcare provider.

So, what can medium-sized businesses do to protect themselves from insider threats? The first step is to recognize the risk and take action to prevent it. Here are a few tips:

1. Educate your employees: One of the most effective ways to prevent insider threats is to educate your employees on cybersecurity best practices. This includes regular training on recognizing and responding to potential threats. 
2. Implement access controls: Access controls can help to limit access to sensitive data and systems, reducing the risk of insider threats. By implementing access controls, businesses can ensure only authorized individuals have access to sensitive data and systems. 
3. Monitor user activity: Monitoring user activity can help businesses detect insider threats before the become a problem. This includes monitoring for unusual activity, such as employees accessing data or systems outside of their normal working hours. 
4. Conduct regular security assessments: Regular security assessments can help businesses identify vulnerabilities in their systems and processes, reducing the risk of insider threats.  

By taking these steps, medium-sized businesses can significantly reduce the risk of insider threats. However, it's important to remember that preventing insider threats requires ongoing effort and attention. It cannot be achieved with a one-time action.

At NuSpective, we understand the unique challenges medium-sized businesses face when it comes to cybersecurity. That's why we offer a range of services, including insider threat assessments and employee training programs, to help businesses protect themselves from the ever changing landscape of cybersecurity threats.