47 data security experts compare the risks of insider threats vs. outsider threats
The risk of insider threats compared to outsider threats is an ongoing debate, though more companies are taking notice of the risks that insiders can pose to the company’s data security today than in the past. Historically, the data breaches that make the news are typically carried out by outsiders. While these breaches can cost hundreds of thousands of dollars (often millions more), outsider threats are generally the threats that have been addressed with traditional security measures. It’s the threats that originate from inside that are much more difficult to prevent and detect using one-size-fits-all security measures.
Just one of the reasons that insider threats are more difficult to prevent stems from the fact that insiders don’t always threaten the company’s data security intentionally. In fact, many data breaches resulting from insider threats are completely unintentional. To combat these risks, as well as the insider threats originating from those who do have malicious intent, a holistic approach to security is essential in the modern threat landscape – one that adequately addresses not only insider and outsider threats, but effectively manages both unintentional and intentional threats posed by those within your organization.
To gain more insight into the threats posed by insiders vs. outsiders and how companies can effectively mitigate these risks, we asked a panel of data security pros to answer this question:
“What’s more of a threat to a company’s data security: insiders or outsiders?”
Find out what our experts had to say below.
Meet Our Panel of Data Security Experts:
Greg Kelley is CTO for Vestige Digital Investigations, a company the performs computer forensic services and data breach response for organizations.
“In my experience, the biggest threat to a company’s data security is posed by…”
Insiders. They already have an upper hand on the outsiders; they are inside of the organization. An insider does not have to deal with getting through a firewall and potentially creating network noise in doing so. An insider will usually know where the important data resides. Quite often, that insider will have the proper security rights to the data as well, an advantage over an outsider. To further assist in their theft, insiders are often not monitored to the extent that IT security will monitor an outside attack. Even if an insider is being actively monitored, it is difficult for IT to determine whether or not the accessing of a document or copying it to a USB drive is for legitimate purposes or nefarious purposes, especially when those documents are regularly used by the insider. Typically, insider theft is only detected once the insider leaves the company. Outside threats have the advantage, usually, of anonymity, but for all the reasons previously mentioned, insiders are more of a threat to data security.
By Nena Giandomenico & Juliana de Groot