“Oh, we’re good, we do external penetration testing.”
Have you heard people say this (or perhaps even said it yourself)?
Companies often think of attackers as something that comes from the outside, yet overlook the far more dangerous threat: attackers from within. Have you adequately considered how the people you already know and trust might actually be a threat vector?
Furthermore, even companies who are considering the insider threat often mistake it as a single attacker type, when it’s actually a collection of attacker types. Some act opportunistically, while others simply make a mistake. Some were once trustworthy but then become disgruntled, while others act maliciously from the outset.
These insiders pose a real risk, and if your security approach doesn’t consider attacks coming from both external and internal attackers, it’s time to look inside.
Who is an insider threat?
As we talk about attackers, let’s make sure we understand that despite what the media might suggest, “hackers” aren’t inherently bad: that term simply refers to someone who makes things behave differently than intended. Good guys do that too. In this article, we’ll explore the bad kind of hackers, the ones who do harm to your company, especially from the inside.