Insider Threat

According to the latest UK Cyber Breaches statistics, three-quarters of large organisations suffered a staff-related breach and nearly one-third of small organisations had a similar occurrence within the last year.

This event originally happened on the 14th October 2015 at the University of Nottingham.

insider-threat-october-2015-event-cover-imageWhat is the insider threat?

An insider threat is most simply defined as a security threat that originates from within the organisation being attacked or targeted, often an employee or representative of an organisation or enterprise.

An insider threat does not have to be a present employee or stakeholder, but can also be a former employee, board member, or anyone who at one time had access to proprietary or confidential information from within an organisation or entity.

Insider threats can be both intentional and unintentional, and the term can also refer to an individual who gains insider access using false credentials but who is not a true employee or representative of the organisation.

Hostile observations through social media

David Benford, Managing Director at Blackstage Forensics Limited

David delivered the main presentation for the evening, concentrating on how information obtained from social media can help cyber criminals.

One high-profile example of Social Media tracking was the work to locate the missile that shot down the Malaysian Airlines MH17 aeroplane in the Ukraine.

Case Study 1 – HMRC

Gill Ince, Head of Security, Risk and Information at HMRC

Gill looked at insider threat from two perspectives: deliberate and malicious action; and mistakes and errors which cause security problems. HMRC has been part of the National Fraud Initiative run by the Audit Commission where its staff were checked against a number of databases to ensure they were not involved in a variety of frauds. In a wide ranging talk, Gilll also looked at common mistakes and the threat now posed by social media use.

Case Study 2 – Redscan

Simon Heron, Chief Technical Officer at Redscan

Simon briefly looked at how his organisation had attempted to tackle Insider Threat:

Overview of the event

The event was organised by the East Midlands Cyber Security Forum, which is supported by the regional branches of the UK Cyber Security Forum and the Institute of Information Security Professionals (IISP), and the East Midlands Chambers of Commerce.

Here is some background on those organisations and details of upcoming events in the region:

We also had a presentation from our hosts for the evening, the University of Nottingham, on Horizon, its Digital Economy Research unit: