A disgruntled IT contractor who hacked his ex-employer and deleted 1,200 Microsoft Office 365 accounts, was recently sentenced to two years of jail time. In light of this incident, security expert warns of insider threat which is often ignored.
<div>We often look and focus on the threats that come from the outside: hackers, malware and nation states. Yet many organizations and individuals forget that much of the potential risk stems from insiders. In fact, in a recent IBM <a title=\"https://www.ibm.com/security/digital-assets/services/cost-of-insider-threats/#/\" href=\"https://www.ibm.com/security/digital-assets/services/cost-of-insider-threats/#/\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://www.ibm.com/security/digital-assets/services/cost-of-insider-threats//&source=gmail&ust=1616756995309000&usg=AFQjCNF8fSIjGN6_PnNpIBKycTdwD5uL7w\">report</a> the frequency of insider incidents has tripled since 2016. As was the case with this California company, the board and staff had to learn the hard way that insiders can be a costly risk. There are also varying levels of insider threats, and credential theft is by far the most expensive, overshadowing employee or contractor negligence.</div> <div> </div> <div>In many situations, companies and large organizations suffer from a proliferation of privileged accounts. This is a problem in and of itself, leading to abandoned or orphaned accounts by staff who have left. These open credentials can be exploited, resulting in cases like the California incident. That is why the number one way to mitigate and prevent any of these potential abuses is by utilizing a PAM solution.</div>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics