Corporate cyber security: how to defend against insider threats

What is Cyber Security?

External threats, such as Ransomware, aren’t the only ones that companies need to consider when planning their Cyber Security. That’s what the Ponemon Institute’s “2022 Cost of Insider Threats”report on Proofpoint shows: the insider threat incidents have increased by 44% in the past two years.

On average, the affected companies spent $ 15.4 million a year (+ 34% compared to 2020) to solve problems arising from insider threats, with a 85 days containment time for each incident. In detail, the report reveals that the frequency of incidents has also increased. In fact, 67% of companies experienced between 21 and over 40 incidents per year (in 2020 it was 60%).

Before delving into the results of the “2022 Cost of Insider Threats” report on Proofpoint, we want to remind you that Cyber Security concerns the security of information made accessible by computer systems, and the qualities of resilience, robustness and reactivity that a technology must possess to face cyber attacks on individuals, private and public companies, and government organizations.

Cyber Security and Insider threat: what the Ponemon Institute data tell

The Ponemon Institute report is published every two years and it is in its fourth edition. It has involved organizations in North America, Europe, the Middle East, Africa and Asia-Pacific, from 500 to more than 75,000 employees worldwide, and over 1,000 IT and cybersecurity professionals. Additionally, each organization surveyed experienced one or more material events caused by an insider.

The results of “2022 Cost of Insider Threats” on Proofpoint show that:

• The negligent insider is the root cause of most incidents. In fact, 56% is caused by a negligent employee or co-worker, with an average cost of $ 484,931 per incident. This depends on a variety of factors. For example, working wit unprotected devices or not following the company’s security policy;
• Malicious or criminal insiders are employees or authorized individuals who use their data access for malicious, unethical or illegal activities. They caused 1 in 4 incidents (26%), with an average cost of $ 648,062. Nowadays, to improve productivity, employees have access to more and more information, making it harder to spot malicious insiders than outside hackers;
• Credential thefts have almost doubled since the last report. These are the most expensive incidents, averaging $ 804,997. The goal of these insiders is to steal user credentials to access critical data and information. A total average of 1,247 incidents (18%) involved cybercriminals stealing credentials;
• As we have already said, it takes on average almost 3 months to contain an internal incident within the company, compared to 77 days in the previous report. Incidents that took more than 90 days cost $ 17.19 million annually, while those less than 30 days cost an average of $ 11.23 million;
• Financial services and professional services have higher average costs. In fact, the average cost for financial services is $ 21.25 million, while for professional services it is $ 18.65 million;
• The size of the organization affects the cost of per Indeed, large companies with over 75,000 employees spent an average of $ 22.68 million in the past year to resolve insider-related incidents. While the smaller organizations, those with less than 500 employees, spent an average of $ 8.13 million.

Cyber crime: 5 signs that reveal if your company is at risk

According to the Ponemon Institute, there are 5 signs that companies need to pay attention to:

1. Employees are not trained to fully understand and apply those laws, mandates or regulatory requirements relating to their work that affect the company’s security;
2. Employees are unaware of the measures to take to ensure that their devices, both company-supplied and BYOD (Bring Your Own Device), are always protected;
3. Employees send highly confidential data to an unsecured destination in the cloud, exposing the organization to risk;
4. Employees violate the organization’s security policies to simplify tasks;
5. Employees do not download software patches and updates, exposing the organization to risk.

How to protect your company from the internal threat? Namirial solutions for Cyber Security

Namirial is a leading company in providing solutions to automate business processes through its digital trust services. We have always been committed to IT security and in recent years we have significantly increased investments in research and development in this area.

Using its know-how and experience in the sector, Namirial has created CyberExpert, the digital platform for IT security. It scans for cyber threats to allow a correct risk assessment and activate the appropriate countermeasures.

The results of the analyzes are fundamental because they measure the effectiveness of the security systems, highlight the gaps and allow  to prioritize the investments in Cyber Security.

Here are the main advantages of CyberExpert:

1. No software to install: CyberExpert is a ready-to-use web platform, with significant savings in time and investments;
2. Easy to use: just enter the required data on the platform (public IP address, email, domain, web address) and plan the analysis. When ready, CyberExpert sends the report directly to your email address;
3. Intuitive Reports: Cyber ​​Expert reports are comprehensive and easy to understand. They highlight the vulnerabilities of the information infrastructure, report the presence of your data on the deep web, data breaches, malware and guide you in enforcement actions;
4. Available APIs: Are you a reseller? Integrate the Cyber ​​Expert platform to your online shop through the APIs that Namirial gives you. Your customers will be able to access the platform directly from your website.

In addition, with Namirial’s CyberExpert you fully comply with the General Data Protection Regulation of the European Union (GDPR). Remember that the legislation has important implications for data privacy, and regulates the data security (Sec. 2, art. 32, par 1, letter d: obligation for companies to implement processes to evaluate “the effectiveness of technical and organisational measures for ensuring the security of the processing”).