Insider threats in Cyber Security: The enemy within the gates

Abstract: Insider threats have become reality for civilian firms such as Tesla, which experienced sabotage and intellectual property theft, and Capital One, which suffered from fraud. Even greater social impact was caused by the data breach at the US Department of Defense, perpetrated by well-known attackers Chelsea Manning and Edward Snowden, whose espionage and hacktivist activities are widely known. The dramatic increase of such incidents in recent years and the incalculable damage committed by insiders must serve as a warning for all members of the cyber security community. It is no longer acceptable to continue to underestimate the problem of insider threats. Firms, organizations, institutions and governments need to lead and embrace a cultural change in their security posture. Through the adoption of an Insider Threat Program that engages all the strategic branches (including HR, Legal, Information Assurance, Cyber Security and Intelligence), coordinated by the chief information security officer and supported by c-level executive, it is possible to implement a framework that can prevent, detect, and respond to disloyal and/or unintentional insider threats. Hence, defending your enterprise from insider threats is a vital part of information security best practices. It is essential that your company highly valuable classified data and assets are protected from its greatest threat: the enemy within the gates.