Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.

7 Ways to Thwart Malicious Insiders

Malicious insider incidents may be less frequent than inadvertent user missteps, but they can cost organizations big time.

Steve Zurier, Contributing Writer, Dark Reading

September 27, 2021

8 Slides

Malicious insider activity is less common than the inadvertent missteps by insiders -- but they are expensive. While malicious activity comprises just 23% of all insider incidents, according to a 2020 Ponemon survey, these attacks typically are more costly for the organization -- averaging $755,760 per incident and $4.08 million per year.

Overall, malicious and non-malicious insider incidents can account for the loss of up to 20% of annual revenue, according to research from Code42 and Aberdeen.

“Data today is digital and portable, so it's never been easier to take,” says Jadee Hanson, CISO and CIO at Code42. “There are countless ways for employees and contractors to move proprietary documents to a removable USB drive, personal Dropbox, or G-Drive and take it with them to benefit them in their next role or give a competitor a strategic advantage."

Hanson points to source code, patent applications, and customer lists being at risk. "Many of these cases go unreported and impact companies for years to come," she says.

Here are tips to protect against a malicious insider attack. Many of these best practices help prevent non-malicious insider incidents, as well.

About the Author(s)

Steve Zurier

Contributing Writer, Dark Reading

Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights