Abstract
Insider threats present a major concern for organizations worldwide. As organizations need to provide employees with authority to access data to enable them to complete their daily tasks, they leave themselves open to insider attacks. This chapter looks at those who fall into the category which can be referred to as insiders and highlights the activity of outsourcing which is employed by many organizations and defines the term insider threat while pointing out what differentiates an accidental threat from a malicious threat. The discussion also considers various methods of dealing with insider threats before highlighting the role education and awareness plays in the process, the importance of tailoring awareness programs, and what the future holds for insider threats within organizations.
TopIntroduction
In the early 1990s the United States saw a drive in the growth of business because of telecommunications networks and the Internet. Despite this growth, the dependency placed upon these networks placed the U.S. in a precarious position as it also increased their vulnerability to cyber exploitation and by the end of the twentieth century the U.S. had become the most vulnerable nation to cyber-attacks aiming to disrupt or interfere with essential services (McConnell, 2002).
Organizations, worldwide regardless of their size or form have all accepted that an increase in the development of their existing services is essential if they are to improve and gain a much-needed advantage over their fellow competitors. In their quest to achieve this goal organizations understand that a greater dependence is placed upon the need for information technology (IT) for them to compete successfully in the world of modern-day business (Abawajy, 2014). Businesses are already connected with the bulk of transactions taking place in an electronic format the consequence of which is a constant rise in the quantity of both personal and sensitive data produced and later collected. Sensitive data is looked upon as one of the many assets of any organization as many appreciate its significance, considering it to be the lifeblood of the processes and procedures which take place within their business (Sarkar, 2010). As many of today’s organizations compete in lively and fast-moving environments which are constantly developing, they produce a large volume of sensitive data in a bid to achieve their goals which include lower prices, higher quality of products and services and a rapid development. However, the provision of new opportunities coupled with the globalization of activities in both businesses and organizations combined with the swift growth of ICT has given rise to a new problem in the form of threats (Stavrou et al. 2014).
Organizations can find themselves on the receiving end of threats as their information security is susceptible to dangers from a wide variety of sources which present in many different formats varying from the less complicated spam emails to the more structured and complex form of attack such as malwares (malicious software) which can steal or contaminate data and ultimately produce enough damage to leave systems in a condition where they are inoperable (Abawajy, 2014).
One such threat includes that caused as a direct result of online social networking (OSN) which has recently experienced a sudden rise. Certain employees within organizations are accountable for information and are later responsible for the leakage of this same information to outside parties. Careless use of social media has a harmful influence on organizations placing networks and systems at risk of malware which can result in many negative issues including copyright and defamation issues, reduced productivity which significantly affect the organization’s reputation and future income (Molok et al. 2011).
Modern-day information systems are challenged by a wide range of threats and even though attacks which are started from outside such as viruses and hacking receiving much publicity the insider threat however, presents a considerably higher level of danger (Theoharidou et al. 2005). This view is shared by Baracaldo and Joshi (2012), McCormac et al. (2012), and Warkentin and Willison (2009) who all point out that Insider attacks are still one of the most dangerous threats organizations can face today.
Key Terms in this Chapter
Spam: Unwanted or inappropriate messages sent via the Internet normally to a large volume of Internet users usually for advertising purpose or to entice individuals to reveal personal information or spreading malware.
Cybercrime: This refers to any illegal activity involving a computer, networked device or a network. Many cybercrimes take place purely for financial gain although some take place against computers or devices to impair them or disable them and others use computers to spread malware, illegal information, images, or other types of data.
Sabotage: This is a deliberate action whose goal is to weaken an organization by causing disruption, obstruction or destruction. Those that engage in this process are referred to as saboteurs and they usually hide their identities due to the result of the penalties inflicted because of their actions.
Cyber-Attacks: A cyber-attack refers to an assault against a computer system, network, or internet-enabled application or device. Hackers employ a wide range of devices to carry out such attacks. They include malware, ransomware and many other approaches.
Compliance: The certification or confirmation that the person performing an action such as an employee does so in a manner which meets company rules and policies and the activity is carried out meeting standards and guidelines as per the conditions of a contract.
Fraud: This refers to deception, wrongful or criminal misdoings which are solely intended to result in either financial or personal gain.
Malware: This is short for malicious software which is designed purposely with the focus of initiating damage on a computer, server, or computer network. Malware causes damage once it is implanted or introduced in some manner to the target computer in the form of executable code, active content or other software while the user is still unaware that their system has been compromised.
Organizations: This refers to a group of people such as that found in an institution or association who collectively work together in an organized way to achieve a shared purpose or to successfully undertake and achieve collective goals.
Outsider: This is a person or individual who does belong to or who is not involved or included within a specific group of people or organization.
Mitigation: This is the action involved in reducing the force, severity, intensity or painfulness of something and as a result the seriousness or grief experienced from something unpleasant is therefore decreased.
Espionage: This is the act of acquiring private information without the authorization from the owner of the confidential information and it is often referred to as spying or obtaining secret information which can be political, military, or industrial in format.