Guarding Against the Insider Threat: Do Your



            Employees Pose the Greatest Risk?

            By Moty Kanias, VP of Cyber Strategy & Alliances, NanoLock Security



            Great businesses understand that their people are their most important assets.  But there is another side
            to that coin.  Employees and contractors may also threaten your company by virtue of their access and
            expertise.  Most experts consider three categories of insider threats: preventable mistakes due to simple
            human error, stolen credentials, and criminal or malicious actors. Issues from the first two categories are
            much more frequent than those from the third category, but all insider attacks are on the rise.

            The 2021 incident in Oldsmar, Florida is evidence of the impact of human error — what was initially
            thought of as a malicious remote access incident turned out to be an in-house employee accidentally
            having clicked the wrong buttons.



            The 2023 charge against the attack on Discovery Bay Water Treatment facility in Tracy, California, on
            the other hand, shows us how well-meaning employees or contractors can turn against their employers,
            instigate attacks, and potentially cause significant damage.

            The above examples hint at a much larger problem. In fact, according to the Ponemon Institute, every
            single company that they surveyed had an insider incident last year.




            Cyber Defense eMagazine – September 2023 Edition                                                                                                                                                                                                          99
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.