An Accidental Insider Threat occurs when an employees’ actions lead to damage to a system or network, the loss of critical or sensitive data, or even where a helpful employee holds a door open for a hacker to enter a secure building. These incidents can occur with zero malicious intent, making the incidents accidental in nature, but they still can be very damaging to the company in question.
Examples include: an employee accidentally deletes an important document; an employee falls victim to a spear-phishing attack introducing ransomware into a company’s network; and when an employee accidentally shares more information with a client or 3rd party than they are legally allowed to.
Related Terms: Data Loss Prevention, Insider, Malicious Insider Threat
What should SMB’s do about Accidental Insider Threats?
Educate your employees that cybersecurity incidents by hackers outside the company often cannot be successful without an internal employee making a mistake. Internal threats exist that are both accidental and malicious in nature. Educating your staff to be vigilant in watching for inside threats or mistakes, is a critical piece of your SMB’s cybersecurity awareness program.
All threats against your company, whether a disgruntled employee, or simply an employee who isn’t properly trained can lead to very damaging consequences. Here are a few prevention tips to reduce the risk of this happening:
- Implement the Principle of Least Privilege by removing admin rights from employees operating windows computers;
- Monitor computer systems to see where data is coming from and who is accessing it;
- Implement Data Loss Prevention technologies on your email systems to spot critical and sensitive data leaving your business via email; and
- Train employees on the security basics including malicious and accidental insider threats.
There are other steps one can take, but the four above represent a good starting place for SMB owners to building a strong cybersecurity program. With awareness comes better security.