The year 2016 is over and one for the history book. Cybersecurity activity broke records as they did the previous year, and the year before and the year before that. Toward the end of 2016 we saw so many predictions about what 2017 has in store for us, many that offer a wide range of predictions. However, there was some interesting information that resulted from one broad survey with the top two threats an enterprise will likely to face in 2017.
#1 Insider Threats (employees, contractors, vendors and other insiders). The survey determined that more than 28 percent of those asked believed this was the top threat and a direct threat to their enterprise's intellectual property. This threat is primarily resulting from two specific issues: disgruntled employees and theft of intellectual property for sale. The #1 threat also includes the malicious insider and the accidental insider threat. Perhaps the most frequent accidental insider threat was due to phishing emails targeting employees, including IT staff that allowed malicious outsiders to gain insider access to a system. CSOs and CISOs have faced these threats for years, but while this threat is well known and well understood, the tools and techniques continue to evolve and adapt to make insider threat protection a widely used security measure.
# 2 Corporate Cyber Espionage – The survey determined that more than 23 percent of those asked believed this was the top threat to their enterprise's intellectual property and the main threat that came from their competitors. Arguably, we are now operating in a global business environment that is much more competitive than anything we have seen in history. In December a lawsuit was filed by Heritage Auction House against world renown auction houses -- Christie’s and Collectrium over the theft of their sales data. Cases like that clearly illustrate the lengths that some companies will go to have an unfair competitive advantage. Cyber espionage is such a threat to companies and to the economy where they reside, that immediate action is required.
All too often enterprise security departments are not involved in the acquisition of human resources (contract, direct hires and so on). In addition, they are not involved in new resource indoctrination (on-boarding) or providing a basic educational program for all new human resources. Nor are they involved in vendor investigations prior to contracting. While both of these areas take time and effort, given the continued risks of insiders and espionage, these areas must be properly addressed NOW! Based on the public information available, one can only conclude that little attention has been paid to this issue for a number of reasons. None of which are good enough.
In September last year, a report titled “2016 Cost of Insider Threats” stated that on average, enterprises are spending $4.3 million yearly to mitigate, address, and resolve insider-related incidents. How does your organization’s figures compare to the numbers in that report?
We had better get our arms around this problem. The cost is extremely high and increasing, as is the frequency and complexity of these type of attacks continued to grow. While this threat is significant, there is one waiting that is far larger. Warming up in the wings is the next major challenge. That subject will be addressed in my future blog posting.