According to experts, the biggest threat companies face is their own employees, because they have legitimate credentials to access data and systems, potentially allowing them to cause massive damage within the organisation. Vincent de Vries, CISO at Fox-IT, wrote an article for the Platform voor Informatiebeveiliging (Dutch platform for information security) about how to detect insider spies.
A good example of an employee with harmful intentions is Edward Snowden. While working as an NSA contractor, he managed to download thousands of classified documents, which he leaked to journalists and allegedly to the Russian government. “The NSA is considered one of the most technologically sophisticated organisations in the world,” De Vries says in his article, but even they “failed to detect this incident.”
Fox-IT: Spies within your own ranks can cause massive damage and stay undetected
A malicious employee can have a huge impact on a company, since they could commit fraud, sabotage data, or steal information or intellectual property. That stolen information could be leaked to competitors, detrimentally affecting the company’s competitive advantage on the market. Other negative effects could include financial damage or instability, an outflux of clients, and a loss of customer confidence.
The full article can be accessed on the Platform voor Informatiebeveiliging website.