Insider Threats — Biggest Disguise

3 min readDec 19, 2020


A well-known cloud hosting company became a victim of data breaches in 2019. The hacker obtained more than 100 million customer accounts and credit applications through a badly built firewall. While no guarantees or credit card numbers have been compromised, the company’s reputation and customer trust have had a negative impact.

Interestingly, the developer became a company software engineer who shared his way of getting into the company with its partners through a chat app. A former employee of the company even shared this way on social media which eventually became a source of “reward”. Eventually, the data breach became an internal risk.

Shocking to hear, right?

Organizations often ignore ‘internal threats’ but these are the main contributors to cyber attacks today. Different studies have show that employees, contractors, trusted entrepreneurs could be the internal threats or used for accessing the network of the organization with ease.

Internal intimidation by a person who has authorized access to your organization’s critical programs or information and who endangers the security of the organization by abusing authorized access.

An internal threat does not have to be the person who is active or involved in your organization. There is a chance of a former board member or employee whose access to the sensitive information of your organization is still intact. Different types of possible internal threats existing in an organization could be:

From the picture above, it can be clearly seen that people are primarily the internal threats to the organization. From a study made by the Wall Street Journal, it was found that almost 70% of companies admitted concern about violent employees! While workers continue to be a major security risk in these cyber attacks, traditional security measures may not be sufficient to mitigate those cyber threats.

How Can You Get Rid of Internal Threats?

The vulnerability of the people has led to emerging cyber attacks, organizations contributing to the suffering of big data breaches and undisclosed financial losses. In line with the 2020 cost of the Insider Threats Global Report, the total number of internal threats is growing rapidly. There has been an increase of 31% which is to $ 11.45 million by 2020 from $ 8.76 million in 2018.

Internal threats are hidden everywhere they look today and can be a disaster for businesses if they are not addressed. CISOs and CIOs of organizations should consider these cyber threats and should use the training of internal staff. In fact, every IT security officer should consider internal security as an ‘need for an hour’ in the current state of remote operation.

Organizations should start implementing comprehensive internal protection programs and should adhere to the following guidelines:

Educate staff about a safety awareness tool that provides simulated cyber attacks for real-life training.

Identify and report suspicious activity or behavior indicating that the employee may be a major risk internally.

Keep data protected by providing limited access to confidential information.

Regularly update and maintain a list of user access rights.

Considering complex and strong passwords for accounts.

Establish and manage the basics of data access ethics to detect unusual and potentially dangerous activities.

In order to prevent cyber threats like phishing, DDoS attacks, etc., update the vulnerabilities and combine them together from time to time.

Internal threats can be difficult to detect and very difficult to prevent from damaging the organization. However, by using and implementing security measures, the organization can remain safe. Educating employees about the importance of data security is of equally important along with appropriate security solutions and tools. They need to be trained on following procedures and policies in order to reduce existing internal threats.




A Security Approach In A Zero Trust World