Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Articles

07:00 AM
Terry Sweeney
Terry Sweeney
Edge Articles
Connect Directly

8 Ways to Spot an Insider Threat

The good news is most insider threats derive from negligence, not malicious intent. The bad news is the frequency of negligence is already ahead of where it was in 2018.

The Rise of the 'Persistent Insider'

There's a particular kind of user who seems to be all over the network — "How did she access that server?" — possibly gauging how different departments organize their project data, how often data gets refreshed, or which files see a lot of action or are password-protected. In a spookier realm, all of this could simply be called reconnaissance.

But a successful persistent insider has to keep tabs stealthily, including which permissions they steal or give themselves, servers they access, and files they touch. By maintaining good cover, a persistent insider can use changes in the internal data landscape for bargaining, blackmailing, or outright profiteering. And that means the potential pool of persistent insiders spans everyone from the most bespoke CEO to that taciturn summer intern. Seeing users in parts of the network they don't belong is a call to action for security personnel to double-check permissions for suspected persistent users.

This kind of rigorous monitoring isn't "a checkbox activity" to keep the audit team at bay, Burnell said. Monitoring and managing must be done proactively to really work, she added.

(Image Source: ktsdesign via Adobe Stock)

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, ... View Full Bio
3 of 9

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View