Guide

Protect your business online

Insider threats in cyber security

Employees are a common source of cyber security breaches. In fact, most cases of insider incidents involve some type of misuse of corporate IT systems by a staff member.

This misuse may be malicious, however more commonly it happens inadvertently through employee's carelessness or negligence. Regardless of the cause, insider threats can seriously compromise your business, often leading to financial losses and reputational damage. See impact of cyber attack on your business.

Types of insider threats

Most types of insider threats fall under one of three categories: the malicious insider, the negligent/unknowledgeable employee, and the third party contractor.

Typical events that happen in the workplace, and which could pose a significant risk to your business, include things like:

  • browsing unauthorised websites
  • visiting social networking sites
  • sharing confidential information in social network environment
  • opening spam or suspicious links and email attachments
  • accidentally sending sensitive information to wrong people
  • accidentally transferring viruses or malware
  • choosing weak passwords and never changing them
  • using the same password on multiple accounts
  • installing unauthorised programmes on the employee's machines
  • uploading files to online file-sharing service, personal cloud or storage network
  • downloading unauthorised files (eg music, films or photographs)
  • misplacing or losing property (eg laptops, mobile phones, USB devices)
  • providing information to a third-party, eg suppliers or vendors
  • transporting company information via unsecured portable devices
  • sending sensitive work documents to their personal email addresses
  • using unsecured mobile devices to share work data or access company information
  • accessing your business' virtual private network via public computers and public wireless hotspots

Cyber security breach detection systems can uncover risky user activity in real-time and alert relevant teams to investigate. However, education and staff training can often be the key to an effective and preventative cyber security strategy.

Cyber security measures in the workplace

Many unintentional mistakes employees make are entirely avoidable. To help keep your workplace safe, you should:

  • screen new employees, contractors or anyone else who will have access to your business information - check references, qualifications, identity, etc
  • implement a strict, written set of security guidelines
  • set good password practices in place
  • restrict access to unauthorised websites and devices
  • restrict permissions to install software or access system data
  • review current practices on email and internet use, remote working and bring your own device standards
  • ensure staff receive IT security training and know how to use IT systems properly
  • clearly outline the IT risk management policies and practices you expect your staff to follow
  • increase general cyber and corporate security awareness through the workplace
  • insist on confidentiality or non-disclosure agreements for people who are given access to sensitive information
  • build in security controls compliance into employment contracts, including the disciplinary consequences of breaching them

It's important that you explain to your employees their roles and responsibilities in keeping data and company resources safe. Use our sample IT policies, disclaimers and notices to help you set out IT policies for your business.

Lastly, keep in mind that even if you follow all the best practices, you may still encounter security issues from time to time. Review your cyber security risk management processes and develop an incident response plan, to enable you to quickly and efficiently deal with cyber incidents.