According to a new SANS survey, 40 percent of respondents rated malicious insiders (insiders who intentionally do harm) as the most damaging threat vector their companies faced. Furthermore, nearly half (49 percent) said they were in the process of developing a formal incident response plan with provisions to address insider threat. This further illustrates the urgency with which companies are moving to address this threat vector.
Following this news, Edgard Capdevielle, CEO at Nozomi Networks, shared his thoughts on the role of insider threats in securing industrial control systems.
Edgard Capdevielle, CEO at Nozomi Networks:
“No-one wants to believe that an employee would act maliciously but trust isn’t a strong enough security defense. Mistakes can happen too and when it comes to ICS and critical infrastructure, security measures must not be built on blind faith.
“Technological advances now enable real-time monitoring and early detection of potential attacks to industrial operations, offering new weapons to combat escalating cyber threats – regardless of who is behind them, or whether they’re motivated by malice or mistake.”