INSIDER THREATS ‘UNDER-REPORTED’

23 November 2018

An IT expert says insider threats appear to be under-reported in data collated by the Office of the Australian Information Commissioner (OAIC).

 

Ahmed Khanji, CEO of Gridware Cybersecurity, told Emergence Insurance’s latest webinar for brokers that Gridware statistics suggested insider threats were a bigger risk than malicious or criminal attacks. The latest OAIC statistics found malicious attacks were responsible for 57% of notifiable data breaches (NDBs).

 

Gridware data showed malicious threats lagged behind insider threats. Ahmed said: “Contrary to what’s being reported to OAIC, we’ve found employees are the greatest threat. Consider who has access to your customer lists and email contacts.”

 

He said a global survey found 87% of executives viewed untrained staff as the greatest cyber risk to their businesses, yet staff training was ranked high among categories to have made the least progress when measured against the US-developed, voluntary National Institute of Standards & Technology’s cyber security framework.

 

Ahmed said many insider threats came from “phishing” incidents where people were manipulated by emails that tricked them into disclosing or changing passwords.

 

Emergence Head of Sales Gerry Power said OAIC’s latest report found human error was responsible for 37% of NDBs. “As humans, we keep finding new ways to make mistakes,” he said. “But, with sound risk management in place, many breaches can be prevented. Employees are the last line of defence, they must be educated to identify such things as dodgy emails and suspicious invoices.”

 

Medical data was particularly vulnerable because it sold for nine times more than financial data on the dark web.

 

Gerry said managing data breaches was critical to business survival. Ahmed agreed, saying reputation damage was the biggest loss. “About 85% of people won’t do business with companies that have had known data breaches. Facebook is now one of the least trusted companies in the world.”

 

Ahmed said organisations needed good firewalls to guard their networks; strong anti-virus software; endpoint protection for all devices; and intrusion detection and prevention systems that inspected all inbound and outbound activity and blocked suspicious activities.

 

“A hacker can be in your system for 200 days before being identified,” he said.

 

Protection methods include:
• Strong passwords, long enough to prevent brute force attacks
• Two-factor authentication
• Not sharing passwords across multiple devices
• Regular testing and auditing of company policies and procedures.

 

Emergence Managing Director Troy Filipcevic distinguished cyber threats from social engineering, which used psychological manipulation to get people to divulge information using trickery, deception and impersonation.

 

He said social engineering was targeted, sophisticated fraud where trust was built and human weaknesses exploited.

 

Emergence Insurance hosts regular webinars for brokers and their clients to outline the latest threats and help brokers explain cyber risks to their clients.

 

Emergence is a pioneer of cyber cover in Australia and provides protection for SMEs through to ASX-listed entities.

 

Its cyber product includes instant access to an Australian-based incident response team of experts who understand the importance of immediately mitigating potential threats to insureds’ businesses.

 

Brokers can obtain Emergence cyber quotations for clients by accessing the broker portal.

 

This blog is another cyber education initiative from Emergence.