The pervasiveness of the insider threat is something every company worries about. And according to the conclusions reached by Dtex Systems based on threat assessments from several global organizations, 100 percent of companies have blind spots that enable the continued presence of the insider threat.\n\nNo argument there.\n\nEvery company that provides their employees with decision-making authorities gives their employees the power to make decisions that undermine the company. What stops wholesale anarchy are unified goals, awareness training, and, above all, trust. There doesn\u2019t exist a company that can bring the insider threat down to zero percent. But there are many that bring it close to zero.\n\nThe Dtex 2018 Threat Report serves to bring to the forefront those areas where companies, and that is every company, big or small, can invest their resources to bring down the threat posed by their trusted insiders.\n\nClearly, visibility on the need to focus on basic cybersecurity 101 is required. Richard Stiennon, IT-Harvest Chief Research Analyst and Charles Stuart University Lecturer, tells us, \u201cBusiness needs to get out of the cybersecurity denial phase it is stuck in. To do this, it must accept that it needs more visibility into what\u2019s going on in its environment.\u201d\n\nHighlighted is the statistic that indicates third-party cloud storage is being misconfigured, allowing the public to access the information. Not just a few of the respondents, but 78 percent of the respondents say this has happened to them. We intellectually understand the downside when customer data goes flying out the proverbial cloud-window \u2013 \u201cHouston, we have a problem.\u201d\n\nNow, think about the effect on the protection of trade secrets and intellectual property exposure. Call your legal team, and ask them about the piercing of the trade secret protection when information isn\u2019t afforded the required safeguards. This may incentivize those setting up cloud-based storage to pay closer attention, especially if it means the company\u2019s viability. \n\nThe Dtex information shows us 90 percent of all assessments were transferring data to un-encrypted and unauthorized USB devices (phones, USB, data cards, etc.), proving once again, that convenience will always trump security. Perhaps epoxying all USB ports is a solution, or maybe providing encryption capability for storage of all company data is another. But if you think policy decrees will stop the employee from doing what they need to do to get their job done will stop this issue, then please allow me to sell you what is behind door number three.\n\nWhich brings us to the crux of the issue when dealing with the insider threat.\n\nShould we distrust our employees?\n\nThey are your colleagues. You hired them. Do you hire untrustworthy employees? Probably not.\n\nDtex CEO Christy Wyatt commented, \u201cWhile malicious users are always looking for new ways to defy security controls, not all internal risk comes from bad intent. Trusted employees don\u2019t always understand when they are engaged in damaging activities and can fall prey to bad actors looking to steal their credentials. The lack of visibility into all types of user behaviors is creating employee-driven vulnerability problems for every business.\u201d\n\nAs a former career intelligence officer who specialized in human intelligence, I know the human factor has always been the work-around to render ineffective technological defenses.\n\nThe insiders who are compromising companies come in two flavors \u2013 those who are acting in a malevolent manner and those whose actions put the company at risk in an unwitting manner.\n\nThe former is far more dangerous than the latter.\n\nInterestingly, the Dtex assessments show an increase in the seemingly sophomoric revenge attacks where an individual in effect DOXs their colleagues (provide personal identifying information on their colleague in a public forum), which causes the individuals' inbox, voicemail, and other means of communication to be overwhelmed (think DDoS on a personal level).\n\nAnd not surprisingly, 67 percent of the assessment reported the malicious employees engaging in risky behavior, which puts their devices at greater risk than those who don\u2019t visit porn and gambling sites.\n\nWhat\u2019s missing?\n\nWhat is missing from this report are the number of instances where an insider voluntarily opts to break trust with their employer. Revenge or greed are two primary motivators for such behavior. This might be a good question for the next survey.\n\nWe read about these on a regular basis. These individuals are the ones who have staying power and are the ultimate insider threat.\u00a0\n\nTo that end, if a person has natural access and doesn\u2019t trigger any of the data loss prevention (DLP) or other safeguards in place by copying, sharing, or printing the information, it will be nearly impossible to catch them in the act unless you have the individual under full-time surveillance.\n\nEducation, DLP implementation, timely system updates, and re-validation of employees\u2019 privileged access (within the scope of least privileged access) are all worthy recommendations.\n\nThe bottom line, as we said in at the beginning, achieving zero threat that an individual may go sideways is impossible. What is within arms reach of every company is bringing the threat down to a manageable level.\n\nWe've got some work ahead of us.