Hello week four of National Insider Threat Awareness month! This week we’re talking about insider threat personas. Who’s responsible for insider attacks? Of the possible threats to enterprise data and computing resources, none is more apparent than the insider threat, those who are already inside the network perimeter. ITMG posts regular updates of Insider Threat Cases in the news and the personas behind them. ITMG Insider Threat Cases – September 15, 2021 showcases an insider fraud scheme where three operators from financial services firm Biscayne Capital were indicted for $155 Million in investment fraud.
There are a variety of insider threat personas because all employees already have some level of access. Let’s take a closer look at who these people are, and why they might breach the data or systems.
The top persona is that of privileged users, those who have administrative access or a higher level of privilege than the average user. It’s only natural to think of them as the highest risk, because they already have privileged access to networks and data. The systems administrator, database administrator, or network support analyst doesn’t have to use subterfuge to gain additional access.
While it’s certainly possible for privileged users such as these to obtain unauthorized data, or to attack systems or software for many possible purposes, the culture of most privileged users is that they understand and internalize their privileged positions, and are less likely to take advantage of them. While they can certainly do so for money, revenge, or ransom, among other reasons, it’s difficult mentally for them to deviate from the respect they have for computing resources. These users can cause the most damage, but ..
Support the originator by clicking the read the rest link below.
