Internal vs. External Cyber Threats: What you need to know
With every good invention, comes something bad. Shortly after the invention of the internet (good thing!), came cyber threats (bad thing!). The Morris worm of 1998 was one of the first recognised worms to affect an entire network of computers. It makes sense therefore, that when companies began taking steps to secure their networks and information against cyber threats the focus was naturally on external intruders.
Unfortunately, this is no longer our reality. We’re no longer only worried about threats from the outside world. With up to 55% of cyber threats now coming from internal sources, companies have to ensure they are have considered the risks of internal and external cyber threats.
The difference between an internal and external threat
The majority of external attacks happen in order to steal confidential information through the use of malware such as worms, Trojan horse viruses, phishing and the like. Some cybercrime groups such as Anonymous carry out attacks against governments and corporations for a variety of reasons, often to teach them a social or moral lesson. While your business might not be a target for Anonymous, it is still a target for other cyber intruders. The most common external attacks targets customer data held by companies, as this personal information has a price tag on the dark web, and stealing data is an easy way to make a living.
An insider threat can be defined as ‘a current or former employee, contractor or other business partner with access to the organisation’s network, system or data and intentionally misuses them or whose access results in misuse’. Most internal cyber-attacks are after employee information, potentially for poaching or recruiting purposes. On the other hand, there are also cases of disgruntled employees with access to servers and confidential information that tend to target and steal intellectual property in order to carry out their personal vendetta.
While some internal threats lack intention, in other words the employee acted in such a way that sensitive data was accidentally compromised, the effect is the same regardless.
How to protect your company
The most important thing a company can do is have a cybersecurity strategy in place that works to address vulnerabilities and has clear steps to take in the event of being breached, either from an internal or external source. It is also important to remember that it is impossible to protect against ever possible threat, but this shouldn’t stop you from trying. User awareness is key in preventing cyber-attacks. In order to better protect your company, you should:
- Educate yourself as to the various forms a cyber threat can take. From malware to a disgruntled employee, there are many ways your system and your business can be put at risk.
- Train your teams on the correct cybersecurity policies and procedures and ensure that these are adhered to.
- Establish seniority and access rights. Only give employees access to what is crucial for them to be able to carry out their job description.
- Make sure the basics are in place – antivirus programs, email security and an intelligent firewall. Secure your servers, your Wi-Fi and encrypt information shared over networks (this means no public Wi-Fi).
- Protect hardware as well as software and ensure all devices (both work and personal) are adequately password protected and remotely erasable.
- Regularly consult with cyber security professionals to ensure no vulnerability is overlooked.