+44 (0)203 823 9030 @CyberseerNet

Sources:

W:T:

Cyberseer is a managed security service and solutions provider with a comprehensive suite of smart technology and threat intelligence service. We work with clients to develop flexible and dependable cyber security solutions that support enterprises across the UK.

Publicised insider data theft incidents, such as the Morgan Stanley breach or Edward Snowden case, highlight the growing need for better security practices and solutions to reduce the risks posed by insider threats.

such as managers with access to sensitive information, pose the biggest insider threat to organisations.

plugging in an infected device or known device into a corporate network has increased risk of corporate data being stolen.

Outsourcing, third-party technologies and cloud computing increase the attack surface.

Attackers know the best way to infiltrate an organisation is through its trusted insiders. Employees with a high degree of access to the corporate network can be identified using social media.

56% endpoints

DatabasesFile Servers

Mobile DevicesEndpoints

Business ApplicationsNetwork

Cloud Application

52% sensitive financial data

57% customer data

54% intellectual property

46% company data

45% employee data

30% sales &marketing data

20% healthcare data

Intentionally harms the organisation, by stealing

data, commerical secrets and intellectual

property.

Unwitting employees enable external attack.

Not deliberately malicious, but actions result in

damaging consequences.

35% files servers22% cloud applications22% databases22% business applications

IT Pro’s were asked ‘What IT assets are most vulnerable to insider attacks?’

IT Pro’s were asked ‘What types of data are most vulnerable to insider attacks?’

IT Pro’s were asked ‘What IT assets are most commonly used to launch insider attacks from??’

43% network

42% mobile devices

Increased Costs Increased Fines

Lawsuits

Impacted Revenues

Reputational Damage (from customer & market perspective)

Compromised Shareholder Confidence

When determining insider threat activity is a lack of contextual information from security tools.

Monitor Detect

AnalyseEradicateThreat X

www.cyberseer.net

www.infosecbuddy.com/wp-content/uploads/2015/06/Insider-Threat-Report-2015.pdf; http://www.prnewswire.com/news-releases/ponemon-institutes-2015-global-cost-of-data-breach-study-reveals-average-cost-of-data-breach-reaches-record-levels-300089057.html; http://www.infosecbuddy.com/wp-content/uploads/2015/06/Insider-Threat-Report-2015.pdfhttp://www.cbronline.com/news/cybersecurity/data/insider-threat-20-of-office-workers-would-sell-corporate-passwords-to-third-parties-4844299?

INSIDER THREATLANDSCAPE

256DAYS

What are they? Why are Insider Threatson the Rise?

Top Types of Insider Threat: IT Assets at Risk:

Data Most Vulnerableto Insider Attacks:

Launch Points forInsider Attack:

Privileged Users

Third Party Associates & Contractors

Regular Employees

BYOD

Open Networks

Social Engineering

62% of security pro’s sayinsider threats

have become more frequent in the last 12 months.

Regardless of motivation of the insider, business impacts are universal:

MaliciousCompromised

Negligent

57%55%

44%42%41%

36%31%

£01010001000010101001001010100101

+

???

Insider Threats are left undetected for: 20%

of office workers

would sell corporatepaswords to third parties.

££

£

£

Biggest Hurdle Take Action

Content AwareSecurity

Contact Us:

Discuss the threats affecting your network:

INSIDER THREATLANDSCAPE