HackerOne Incident Raises Concerns for Insider Threats
In a blog post Friday, HackerOne disclosed a security incident involving an employee who took advantage of the platform’s coordinated vulnerability disclosure program for financial gain. A call on June 22 from a customer reporting “intimidating and suspicious off-platform communication from an actor” prompted an investigation. Now, a detailed disclosure timeline revealed the actor to be an employee who anonymously disclosed vulnerability information to claim additional bounties.
Your Biggest Cybersecurity Threats are Inside your Enterprise
Whether intentional or unintentional, insider risk and insider threat come in many forms and have harmful consequences – and in this post-pandemic era marked by economic uncertainty and workforce churn, they are on the rise.
A 2022 cost of insider threat survey by Ponemon Institute [subscription required] found that insider-led cybersecurity incidents have increased by 44% over the last two years, with average annual costs of known insider-led incidents up more than a third to $15.38 million.
4 Types of Insider Threats Every IT Pro Should Know
Every organization would like to think that their employees are trustworthy and have the organization’s best interests in mind (and indeed, most employee are trustworthy). Even so, history has conclusively demonstrated that insider threats can pose a problem, and so security-conscious organizations have put in place certain policies to minimize the damage that an insider could do.
The Insider Threat now Lives Outside the Office
Although the pandemic has waned somewhat, security organizations are still dealing with the new world of the distributed office. And, when it comes to cybersecurity, the main focus for organizations has been on IT security, which still proves difficult.
Companies are also failing to control, or in some cases, even think about at all, the behaviors of their employees – the ordinary people who work remotely from not just home, but also from myriad public spaces. That’s why operational security – a risk management process that offers guidance on how people should act – has never been more important to organizations.
Why Insider Threats Pose Unique Risks to National Security
Insiders have always posed a unique threat to national security. From Benedict Arnold’s treacherous turn to Robert Hanson’s dramatic betrayal, America’s own have caused grievous damage to the nation. The evolution of the internet, the relative ease of transferring data and the ability to send/receive anonymous money transfers have opened new holes in America’s defenses, dramatically increasing the risk of insider attacks. America needs to adapt current policies to combat the growing insider threat to critical networks.
4 Tips for Improving Your Insider Threat Program
A key role of an insider threat program is making stakeholders across an organization aware of where the risk is, Langer emphasized. Once organizations are aware of risk, they can ‘transfer, mitigate it, or accept it as-is,’ he noted. Not all risks can be eliminated, but organizations need to know where risks are, and take appropriate steps – often that starts with security professionals.
“Security professionals are the fulcrum in an organization,” said Langer. “We see risk, and we frequently introduce the people taking those risks to the people who own those risks.” Security professionals can help incorporate and influence across the organization. But because the security risk isn’t siloed, neither should the responsibility be.