Insider Threat
The biggest threat to any organization is the set of dangers, risks, and liabilities associated with the insider threat. Insiders have access to internal systems and data, which is huge in today’s world. Whether the confidentiality level of the data is PII, CUI, or merely company confidential, the risk of mishandling that information is extremely high. Trust is a thing, but properly assessing and training employees goes a long way toward mitigating this threat. Make absolutely sure your staff are trained and kept up to date on recent hacking and phishing vulnerabilities and attacks. Social engineering is huge during the holiday season because everyone and their mother is giving things away this time of year. It’s kind of beautiful if you really think about sweet little baby Jesus encouraging the helping of and gifting to others. Anyhow, always be mindful of how aware your end-user populations are of sophisticated phishing attempts, and especially the dumb ones. You would be surprised to know how many successful phishing attempts are done through personal email. It is not as common in the workplace because an outstanding security team will always mitigate phishing attempts at the network firewall and corporate content filter levels.
Furthermore, if data is going to be exfiltrated, it is most likely going to be from an inside source. You should block access to personal email domains (e.g. Gmail, Yahoo, Hotmail, etc.) because personal email accounts are riddled with spam, Trojans, and phishing attempts. They are also just one attachment away from exfiltrating the wrong piece of data. Security can be relaxed for the sake of convenience, but this is where your insider threat response comes in. If you’ve acknowledged that your infrastructure permits logging into personal email on company devices, then you need to mitigate the risks of the worst-case scenarios. Do you have appropriate security controls in place to prevent someone in your finance department from sending the wrong type of file to a foreign government? Do you have up-to-date endpoint security and anti-virus software to combat Trojans, worms, and other malware in case an end user accidentally clicks a link or attachment that downloads a payload? Do you have proper content filtering and blacklisting that prevents end users from knowingly or accidentally visiting risky or malware-infested sites?
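One way to check whether the content filter is actually covering personal email is to review web proxy logs for it. The following is an added example, not part of the original post: it assumes a hypothetical space-separated log format and an assumed list of webmail hosts for the providers named above, and runs on constructed sample lines.

```python
from urllib.parse import urlsplit

# Webmail hosts for the providers the text names (assumed list; verify and extend).
WEBMAIL_HOSTS = ("gmail.com", "mail.google.com", "mail.yahoo.com",
                 "hotmail.com", "outlook.live.com")

# Constructed sample lines in a hypothetical format:
# timestamp user method url status bytes_sent
SAMPLE_LOG = """\
2024-12-02T09:14:03Z jdoe GET https://mail.google.com/mail/u/0/ 200 812
2024-12-02T09:15:41Z jdoe POST https://mail.google.com/upload?id=1 200 4816220
2024-12-02T09:20:10Z asmith POST https://outlook.live.com/owa/attach 403 2500000
2024-12-02T09:22:55Z asmith GET https://notgmail.com/index.html 200 640
2024-12-02T09:30:00Z bkim POST https://intranet.example.com/hr/form 200 350000
malformed line without enough fields
2024-12-02T09:41:17Z bkim POST https://MAIL.YAHOO.COM:443/ws/v3/attach 200 150000
"""

def is_webmail(host):
    """True if host equals a listed webmail host or is a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == h or host.endswith("." + h) for h in WEBMAIL_HOSTS)

def review_proxy_log(text, min_upload_bytes=100_000):
    """Return (uploads, blocked) for personal-webmail traffic.

    uploads: allowed POST/PUT requests that sent at least min_upload_bytes
    blocked: requests the content filter denied (HTTP 403)
    """
    uploads, blocked = [], []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6 or not parts[4].isdigit() or not parts[5].isdigit():
            continue  # skip malformed records rather than crash
        ts, user, method, url, status, sent = parts
        host = urlsplit(url).hostname
        if not is_webmail(host):
            continue
        record = (ts, user, host, int(sent))
        if status == "403":
            blocked.append(record)
        elif method in ("POST", "PUT") and int(sent) >= min_upload_bytes:
            uploads.append(record)
    return uploads, blocked

if __name__ == "__main__":
    uploads, blocked = review_proxy_log(SAMPLE_LOG)
    print("allowed large uploads to personal webmail:", uploads)
    print("requests blocked by the content filter:", blocked)
```

Entries in the first list are uploads the filter let through, which is where an insider threat response would start looking; the second list confirms the block rule is firing.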
An additional layer of security should also be implemented at the mobile device level through a secure, FIPS-compliant mobile device management solution that prevents screenshots, copy and paste, and the opening of links.
The easiest place to exfiltrate data is a corporate office where everyone is just smooshed together. If automatic screen locks are not enforced on all end-user workstations, the statistical likelihood of at least 2 workstations being unlocked with no owner at the helm at any given time is extremely high. Secure your workstations and train your end users to remain vigilant about securing their systems and your org. As soon as a hacker gains access to an account or computer, they may be able to cause serious monetary and physical damage to your infrastructure, so make sure securing systems is taken seriously.