APPLY FOR PARTNERSHIP
Thank you for your interest. Kindly fill out the details below and we will contact you back soon.
Please complete this form to be contacted by one of our experts.
Insider threats are those posed by internal actors who abuse their trusted access to an organization’s systems, data or facilities and act against its interests.
Insider threats are in many cases intentional. In these cases, perpetrators from inside the organization have malicious intentions, may support a third-party with such intentions or in rare instances, may actually be an outsider posing to be an insider. While such intentions may not be present in the case of unintentional insider threats, internal actors still end up unknowingly jeopardizing the safety and security of the organization, either by being careless or by falling prey to targeted scams.
According to our recent report on the prevalence and impact of insider threats among Singaporean enterprises1, 48% of respondents did not deny their organization becoming a victim of such attacks in the last 12 months. The report, titled ‘Insider Threat Report 2022 – Singapore Edition’, examines the current insider threat landscape and some of the key vulnerabilities that enterprises need to address.
When it comes to insider threats, prevention measures continue to fall short. Only 10% of respondents were able to claim that their organization was completely safe against such threats with 11% of the remaining admitting to their organizations being extremely vulnerable. While suitable mitigation policies are the obvious solution, the report finds that many underlying factors are at play in holding back enterprises from building the right barricades.
The complexities of mitigating insider threats
External attacks such as malware or phishing scams can be kept out using perimeter security such as firewalls and intrusion detection systems. Instituting similar measures for internal attacks however, requires striking a delicate balance between access rights and the security of the data and applications that are being accessed. As such, it comes as no surprise that 90% of enterprises find internal attacks being more difficult to deal with than external attacks. For example, denying access to a privileged account upon suspicion of malicious activity can lead to unnecessary loss of productivity in the case of false positives. This demands enterprises to go beyond static rules to more advanced measures based on behavioural intelligence and dynamic policies.
Proactive, real-time or reactive?
Addressing insider threats requires enterprises to institute dynamic policies tailored to the risk profiles of their internal users and the criticality of their data/applications. Halodata’s solutions such as CoSoSys, Apricorn, Kanguru, senhasegura are to equip enterprises with proactive monitoring and threat detection that spans both online and offline operations. Leveraging such solutions, enterprises can greatly reduce their insider threat risks while improving employee productivity and satisfaction.