Over the last two years, ransomware has been, without a doubt, the hottest topic in cybersecurity discussions in both the cybersecurity community and the general population. Major attacks like the one on SolarWinds and against Colonial Pipeline have dominated headlines — and for good reasons. Ransomware attacks are growing in frequency, complexity and sophistication while also becoming less expensive to execute. In no way am I downplaying the urgency to protect our infrastructures against them.
Yet lurking in the shadows, there is another cybersecurity threat that has not received the same attention in the media: insider threats.