With credit agency Equifax’s massive data breach and alleged Russian hacking in the 2016 election drawing media attention, Stanford political science professor Scott Sagan has found, in a new study, that although the possibility of “insider threats” to an organization’s security on a daily basis is low, the consequences increase dangerously with each breach.
According to Sagan, insider threats are threats to an organization that come from people within the group, such as employees, former employees, contractors or business associates, who have inside information concerning the organization’s security practices, data and computer systems.
Sagan, a senior fellow at the Center for International Security and Cooperation (CISAC), examined these growing dangers in a book he co-edited with Harvard professor Matthew Bunn, titled “Insider Threats.” The book, published in Dec. 2016, studies the challenges organizations face in protecting themselves from employees who might betray them, even with high-security measures in place.
Herb Lin, senior research scholar at CISAC and Sagan’s colleague, said there are two kinds of insider threats: the malicious and the inadvertent. Lin, who has served on the Presidential Commission on Enhancing National Cybersecurity, said malicious threats come from people who are willing to do something harmful to the organization, while inadvertent threats are executed by people who have been tricked into damaging their organization.
“One-hundred percent of people are vulnerable to being tricked, at some level or another; nobody is immune from being tricked,” Lin said.
Lin also said national security organizations such as the U.S. military make many common mistakes when dealing with these insider threats. Lin explained that background checks at many national security organizations are not stringent enough to ensure employees are reliable and trustworthy.
“They ask very obvious questions that are not related to [employees’] beliefs in the most general way,” Lin said. “For example, they may ask if the person is patriotic, but not in any suspicious sort of way.”
According to Lin, background checks help with certain kinds of insider threats but do little to prevent most of them.
“People should be re-inspected every few years or get recertified every few years, but there is no continuous monitoring,” Lin said.
Contact Pratyusha Macherla at pmacherla09 ‘at’ gmail.com.