Yet Another Multinational Corporation Succumbs to Insider Threat
27 June 2018
Electric car manufacturer Tesla becomes the latest victim.
Even the man who is revolutionizing transportation both on Earth and in space, and who has founded nine companies to date, couldn’t protect critical data from being leaked by an insider. The consummate inventor and maverick, Elon Musk, recently admitted that a former employee managed to leak proprietary data at Tesla. When it comes to cybersecurity, most business leaders are focused on malware and hackers and fail to recognize the danger that lurks within the company walls. According to Dr. Alexander Stein, a psychoanalyst and the founder of a consultancy providing predictive insights in human risks, “It’s a mistake for business leaders to consider cybersecurity issues to be more weighted to the technical and technological than to the human psycho-social dimensions.”
In a recent survey commissioned by ERP Maestro, only 25 percent of the executive/management respondents were concerned about the security of the company’s SAP data and systems. SAP data remains a lucrative target given that SAP systems touch 77 percent of the world’s transactions. Although the C-suite is likely to agree that prevention is better than cure, many companies today are still reactive to security issues rather than proactive.
Unlike the case with Tesla, not all insider attacks are carried out by malicious insiders. In fact, most of them, 46 percent according to a recent study, are due to careless or uninformed staff. “Shadow risks,” as Dr. Stein terms them, are especially hard to identify. So what measures and ammunition are available to companies to predict, detect and deter these attacks?
Any cybersecurity expert will tell you about authentication: verifying the identities of your users and making certain they are who they say they are. But authentication alone is not a holistic solution for internal cybersecurity risks. Companies can derive a robust internal security strategy by considering these key elements:
What are you trying to protect?
Who has access to your critical information?
What can they do with this access?
The cardinal rule of access management is to ensure that employees receive just the right amount of access to do their jobs. This is a process best set forth together by both the security admins and the business owners in a company. The IT team understands the technical nuances while the owners understand the scope of their employees’ jobs. When access is granted and assigned based on such task-based roles, it is limited to only what the employee needs to do the job.
After identifying what data matters the most to you—customer information, company’s financial accounting details, employees’ personal information, and as with the attack on Tesla, proprietary information—the next step is putting up a formidable defense against insider threats by limiting access to it.
Automating access management allows companies to continuously monitor risks and vulnerabilities. But is it sufficient just to understand who has access to this data? In most cases, the access provided is valid, but there is no way to determine what is being done with this access or how the sensitive data is being used. This is where having actionable insights into the changes made during the periods of sensitive access helps.
Last but not least, combating insider threats is an ongoing process. Big data, IoT, AI and various digital transformations continue to compound the complexity of cybersecurity.
As Dr. Stein puts it, “Many companies go about their business falsely assured, unaware of human rakes-in-the-grass and shadow risks to which they remain vulnerable. These include recognizing that good solutions start with accurately understanding the problem.” Unfortunately, Tesla isn’t the first example of insider threats in 2018 and won’t be the last. By designing a holistic security strategy against internal threats, businesses can ensure their company isn’t the next victim.
Companies interested in learning more about the above three aspects of internal cybersecurity strategy can visit us at Booth #210 at Cybersecurity for SAP customers 2018. Our experts are in Prague showcasing ERP Maestro’s automated, cloud-based, end-to-end platform for access controls and security.