Companies need to be aware of the signs of insider threats in order to address the problem, says a cybersecurity expert.
"Insider threats have increased by leaps and bounds," said Ram Kumar, information and safety and risk manager for Nissan Motor Corp., based in Bengaluru, Karnataka, India.
He spoke on Sunday during a session of the Risk & Insurance Management Society Inc's 2021 conference, which was held in practice.
This threat may come from the negligent employee or from those with malicious intent, Kumar said.
Motivations for those who pose threats include those who want to carry out illegal activities and have previous transgressions, while there may also be those who "undergo personal stress" due to financial problems or because they did not achieve what they wanted in their career , had a disappointing performance review, or was handed over for an expected promotion, said Mr. Kumar.
Mr. Kumar said that employees and entrepreneurs may not understand legal requirements and are not aware of the processes and procedures that risk companies. Sending confidential data to an unprotected site can also be a big problem, he said.
Also problematic, he said, is that employees break the company's security routines to simplify their tasks and when their devices are not patched and upgraded. [1
Other indicators include whether they bring personal devices, such as USB devices, and those roaming the network to search for sensitive information and copy files from sensitive folders to their own devices.
"Human" signs include cases where employees are often in the office at odd hours, showing "dissatisfied" behavior to employees and continuing to talk about quitting the company and finding new jobs.
Mr. Kumar said measures to mitigate the threat include the use of confidentiality or non-disclosure agreements, the implementation of technology tools to manage the database and software, follow-up of employees who repeatedly try to access security, warn workers about the "doses and don & # 39; ; ts "involved and follows when an intrusion occurs.
A strong investigative process is also needed, as well as "some form of coordination" between different teams to monitor bad action, he said.