According to the 2022 Verizon Data Breach Investigations Report, insider threats and credential-based attacks comprise the majority of security breaches (over 90%) impacting organizations. Insider attacks involve malicious and negligent activity against an organization that originate from people who have been granted legitimate access. The usual suspects are employees with access to an organization’s network, applications, or databases, but can include contractors, vendors, and service providers.
Most security practitioners view the insider threat problem through a pure threat lens (e.g., all employees are threats), yet others see it as a compliance exercise (e.g., addressing NIST and ISO gaps). The key and real value, however, is to view insider threat as a risk management problem and see it in the context of asset impacts, vulnerabilities, and threats. In doing so, the organization can gain proper insight into its true risk posture. The purpose of this eBook is to provide necessary thought leadership on best practices for managing insider threats through the application of a defined insider risk management model.