Insider threats are present in companies all over the world. If you have any type of valuable information and you work with other people, then your company could fall victim to an insider threat.
Note that there are two kinds of insiders behind such attacks: malicious ones and negligent ones. A negligent insider might leave their computer unlocked when they go to the bathroom. During that time, someone could come by, snap some pictures, or take valuable information off the computer.
When security experts discuss cyber-physical convergence, they reference a few well-known incidents in which an external actor remotely manipulated an internet-connected system to impact the physical world, such as the Colonial Pipeline attack of 2021 that disrupted fuel supplies in the south-eastern United States, or the infamous take-down of the Ukrainian electrical grid in 2015.
These incidents are eye-opening. But they can also give the false impression that cyber-physical convergence sits firmly in the domain of the IT team. In cases like the Colonial Pipeline cyber-attack, there’s very little role for a physical security team: the attack vector is purely the domain of the cyber realm. These commonly cited cyber-physical threat scenarios carried out by malicious external actors can also obscure the risk posed by insider threats, meaning current and former employees who may once have been trustworthy but eventually pose a threat to the organization.
Every business today has to think about cyberattacks. Companies of all sizes may find themselves a target, and data breaches can come from anywhere, even from employees. Reliable cybersecurity strategies should account for both insider and outsider threats.
When most people think of cybercrime, they probably think of outsider threats, also called external threats. However, insider threats are just as concerning, if not more so. What’s the difference between the two, and which is worse?
China was a tempting location for StemCultures to offshore its manufacturing to, but the Rensselaer company abandoned the idea, despite having already offshored parts of its operations to other countries.
China’s low-cost model was enticing, but StemCultures ultimately stepped away from its negotiations with manufacturers there for one reason: protection of trade secrets. In engineering StemBeads, Stern’s manufacturing and research and development teams are aware of many trade secrets that they prefer to keep “close to the vest,” Stern explained.
With hybrid and remote working now a permanent feature for many or even most companies, all future security must be designed around it. Existing systems based around offices and other fixed sites are no longer enough and should be updated or complemented.
But more than that, new holistic approaches need to be developed and adopted. As we’ve said, technological systems are advanced enough that criminals are increasingly targeting human vulnerabilities through attacks that get people to unwittingly ‘open the back door.’ As a result, any cybersecurity initiative that emphasizes technology above human training is destined to leave an organization vulnerable to attack.
Attacks against critical infrastructure operators, government agencies and private companies spurred President Joe Biden’s administration to significant action on cybersecurity in 2021. This year, security chiefs face further cyber reforms, a workforce shortage, and ongoing threats from ransomware groups.
A May presidential executive order dramatically shifted what had been a relatively hands-off approach to cyber in the past, with voluntary guidelines and little oversight. Increasingly the government is telling entities critical to the country’s cyber infrastructure exactly what is expected of them, former officials say.
Companies in some sectors are now required to report cyberattacks, appoint dedicated staff to liaise with officials, and design their networks to conform with zero-trust principles.