Insider Threats: Can you Trust your Employees?





What is an insider threat?

An insider threat is a term used in cybersecurity to describe the security risk that an organisation faces from its own current or former employees. These insiders pose a threat, typically because of their access to sensitive and privileged accounts within the organisation's network.

The intention of the insider determines whether the threat is negligent or malicious. The root cause of a negligent insider threat is typically simple to pin down, and is often due to poor training, low morale or carelessness.

On the other hand, the motive behind a malicious employee can be more difficult to understand. The malicious insider may not intend to hurt the company, but instead may be motivated by financial gain, or may believe that they are acting for the good of the public. Understanding the motive can help to shape a mitigation strategy for an organisation.

How bad are insider threats today?

According to McKinsey, a recent study found that insider threats are present in 50% of breaches. This is a global issue, with the Ponemon Institute's 2020 Cost of Insider Threats study finding that 63% of data breaches are attributed to negligence.

A 2022 study also found that 39% of UK businesses had experienced a cyber attack, of which the most common threat vector was phishing attempts (83%).

So should you trust your employees?

Although insider threats do exist, it is better to show your employees that you trust them. According to a survey by PwC, employees in a trusting environment felt 76% more engaged than those in “low-trust workplaces”. A trusting workplace environment means that employees are more likely to feel valued and so are more likely to work to their full potential.

What you should not do is micromanage your team, which could have adverse consequences for both your managers and employees. Firstly, micromanagement is an unproductive use of your managers’ time, and they will quickly burn out if they have to monitor their team’s every move.

Additionally, employees will lack initiative and will be more likely to feel that they need to ask for approval on every activity that they complete. Employees will also feel less accountable for their own actions than if they weren’t micromanaged.

A better way

An approach that would ensure a trusting environment includes following these three steps:

  • Security training ensures that your employees are fully aware of the threats that are out there and enables them to easily identify a fraudulent piece of communication when they see one. This would greatly reduce the chances of a negligent insider threat.

  • Automated monitoring makes identifying malicious activity possible without having to micromanage your employees. A “normal flow” of activity can be established, and trends in activity that suggest malicious behaviour can be spotted as early as possible in the attack cycle.

  • Employing the right people from the start means that you can be confident in the people that you’ve hired, minimising the need for micromanagement, boosting their productivity and resulting in a workforce that you can trust. This can be done through an effective HR and recruitment system.

Get started

Insider threats are one of the biggest challenges in cybersecurity and play a huge role in the rise of cyber attacks. Remember, cyber criminals target people first, which is why people should be your first security focus. Utilising both security training and a security monitoring system greatly controls this issue.

To learn more about our security training and monitoring, sign up for your security consultation.