Quick Intelligence Blog

How to stop an Insider Cyber Attack before it Happens?

Insider threat

(Updated from September 15, 2021)

A study by the Ponemon Institute and DTEX Systems found that 53% of the businesses surveyed say they are unable to prevent insider attacks. The updated Ponemon Institute 2022 Cost of Insider Threats: Global Report shows that insider threat incidents have risen 44% over the past two years. Along with that increase, costs per incident are up more than a third to $15.38 million.

An insider breach or threat is defined as an employee who intentionally sets out to steal data from the company. In some cases, employees may even carry out other cyber attacks such as ransomware. A ZDNet story from August 2021 discusses how hackers have targeted employees to install ransomware on company computers for a share of the profit. As a business owner, you should be concerned that your employees may intentionally harm your business.

So, what are some of the warning signs that your organization could be in danger of an insider attack? According to the Ponemon/DTX study, some of the key indicators include:

  • Opening an unusual amount of files
  • Attempting to use USB devices to save data
  • Staff purposefully circumventing security controls
  • Employees trying to mask their online activities
  • Employees moving and saving files to unusual locations

Due to a lack of effective monitoring practices and controls, businesses struggle to detect these indicators of insider threats. A lack of in-house expertise in dealing with threats, as well as a lack of budget, makes it impossible to monitor threats, both from within and outside of the business, effectively. Additionally, the shift to remote work makes it harder to monitor and mitigate cyber security risks.

Some strategies to mitigate the risk of insider threats are like those employed to mitigate the risk of an attack from outside your network. These strategies include:

  • Monitoring your network for behaviour abnormalities
  • Privileged Access Management to resources
  • Regularly testing your cyber response plan
  • Backing up your data, preferably offsite and offline

Is your business at risk of an insider cyber attack? To get a handle on your company’s cyber risk, contact the experts at QuickProtect. QuickProtect’s services include monitoring and data loss prevention to help ensure your data isn’t lost to hackers or malicious insiders.

Topics: Insider Backups Ransomware cyber security Breach Malware