Very much like privacy concerns, insider threats may not be the first issue to come to mind when building an enterprise cyber resilience plan. However, they should be. Here is why: because as we noted in the first piece of this series, you want to be able to bend while others break. An insider threat is uniquely positioned to make you break in ways no other threat can.
The Insider Is the Most Feared
In Taylor Caldwell’s 1965 “A Pillar of Iron,” a novel about Cicero and Rome, there is a passage stating how a nation cannot survive treason from within. Below is a play on that passage, showing how the insider can be the most feared threat to resilience.
An organization can survive its fools, and even the ambitious. But it cannot survive deceit from within. A malicious actor outside the network is less formidable, for that threat is known and the tactics, techniques and procedures can, at times, be identified. But the insider moves amongst those within the network and the organization freely, the insider’s sly actions crawling through the network, and even gaining trust of colleagues from within the organization itself. For the insider appears not as a malicious actor; the insider speaks in accents familiar to his victims, wears their face and their arguments, understands the intricacies of the organization’s operations, and appeals to the baseness that lies deep in the hearts o ..
Support the originator by clicking the read the rest link below.
