Will the Insider Threat Intensify in Tough Economic Times?

Will the Insider Threat Intensify in Tough Economic Times?

Author: Tim Wallen, Regional Director, UKI & BeNeLux, Logpoint

The newest economic downturn will increase the likelihood that employees will ask for pay raises as they attempt to deal with the rising cost of living crisis.

While the UK narrowly avoided a recession in 2022, the challenging economic climate we’ve been facing for several months shows little sign of abating. The Bank of England has again increased interest rates after inflation unexpectedly jumped to 10.4% in February, reversing three months of gradual improvement. Indeed, it was a painful reminder that the current economic squeeze is far from over.

For businesses, this adds fuel to an already complex fire. Indeed, this latest economic setback will make staff more likely to demand wage increases as they look to navigate the cost of living crisis. And with enterprises grappling with managing their increasing costs, some will be unable to meet the demands of their staff – or worse still, be forced into making redundancies.

While many individuals will opt to vote with their feet & look elsewhere to obtain higher salaries or accept that their position is no longer tenable, businesses must also be conscious that some could opt for a more drastic response.

Even in more fruitful economic conditions, some staff has suffered no qualms of conscience when exfiltrating data if made redundant. In contrast, others have even gone so far as to accept payments from threat actors to plant malware.

Just last year, a report from Verizon revealed that internal actors caused one in five (20%) global data breaches. Further, a recent survey of 1,310 employees from Gartner showed that almost seven in 10 (69%) have knowingly bypassed their organization’s cybersecurity guidance in the past 12 months.

The figures are staggering. Indeed, according to the 2022 Ponemon Cost of Insider Threats Global Report, organizations spent an average of $15.38 million in dealing with insider threats in 2021. And with current economic hardships set to continue for the foreseeable future, there’s every chance that the insider threat may ramp up alongside the growing number of disgruntled employees. 

Also Read: Potential Risks and Threats of Google Bard

Tailoring Security to The Individual

Thankfully, many organizations are beginning to recognize better the need to protect themselves against insider threats. Gartner predicts that half of the medium to large enterprises will embrace formal programs to organize insider risk by 2025, up from 10% today.

Specifically, Gartner advises – “a focused insider risk management program must proactively & predictively specify behaviors that might result in the potential exfiltration of corporate assets or other destructive actions.”

Of course, knowing where to start establishing such a program can be difficult. Yet, thankfully, there are solutions at hand that can make this both easy and cost-effective to achieve.

User and Entity Behaviour Analytics (UEBA) is a solution designed to help analysts identify, prioritize and manage behavioral anomalies by building tailored security detection plans for all network users. 

Through machine learning, UEBA can build baseline parameters of ‘normal’ behaviors for every user so that any potentially abnormal actions or risky activities that stray outside these parameters can be automatically flagged to security professionals.

Typically, this behavior-based risk model is determined by two forms of context. First, we have the environmental context that considers information such as whether a user was an IT admin, a highly privileged user, or if they own the asset. And second, we have the situational context that can be used to answer critical questions like “has this happened before?” and “is this normal?”.

Using this context, UEBA ensures that any potentially suspicious behaviors immediately trigger an alert supplemented with critical environmental and situational information, enabling teams to investigate insider threats more quickly and effectively.

Also Read: Microsoft Arranges ChatGPT to Work On Automating Cybersecurity

Focused alerts

Since analysts today have to trawl through increasingly large data feeds and evaluate rising alerts to spot signs of security incidents, this solution offers some critical respite, freeing security teams up to focus on higher-value tasks. UEBA can also be used with Business-Critical Security solutions to secure business-critical systems, dramatically enhancing visibility through continually monitoring key risks such as fraud, access violations, and IP theft.

These are capabilities that analysts themselves are demanding. Indeed, research reveals that seven in 10 (71%) believe introducing automation into the analyst workflow would reduce stress, while more than six in 10 (63%) feel advanced analytics/machine learning would also help.

The demand among security teams is there. And given that insider threats are only likely to worsen within the current economic climate, organizations must listen to the security team’s needs to combat the increasing threat of internally instigated breaches.

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.