Insider attacks, where staff either deliberately or accidentally compromise an organization’s security, are rising steeply. According to cybersecurity firm Gurucul, almost half of organizations, 48 percent, report that insider attacks have become increasingly common over the last 12 months. Just over half, 51 percent, experienced six or more such attacks in the past year.
Gurucul’s 2024 Insider Threat report identifies the major causes for the sudden spike in insider attacks: “The top three drivers behind the surge in insider attacks are complex IT environments (39 percent), the adoption of new technologies (37 percent), and inadequate security measures (33 percent).”
A major catalyst for the growth in insider attacks over the last 12 months has also undoubtedly been the increasing sophistication of off-the-shelf hacking tools. Cyber toolkits for hackers now routinely offer cutting-edge deepfake technology and artificial intelligence (AI) for targeted email attacks, known as ‘spear-phishing.’
Organizations are finally waking up to the insider threat
But there is now evidence that organizations are finally waking up to the fact that the greatest threat to security can come from inside their own organization. Gurucul’s report added that a substantial 71 percent of organizations feel at least moderately vulnerable to insider threats, indicating heightened awareness and concern over internal risks. Technical challenges (39 percent) and cost factors (31 percent) remain the primary obstacles to implementing effective insider threat management tools, although organizations are increasingly recognizing the return on investment (ROI) of advanced security solutions.
In the UK, the National Protective Security Authority (NPSA) hopes to leverage this growing awareness by offering companies realistic and immersive insider crisis simulations to test their responses in the event of an insider attack. The NPSA has, for example, developed two scenarios that can be run as tabletop exercises. One focuses on unauthorized and unwitting disclosure, while the other is based on sabotage. Both scenarios take place in a fictional private sector tech company, and participants must navigate a series of events as the crisis unfolds. In addition to the free tabletop simulations, the NPSA also offers a paid-for service in the form of a fully customizable and bespoke simulation delivered by NPSA’s licensed partner, crisis simulation company Polpeo.