Now that organizations are set to evolve a hybrid blend of home and office-based work for most employees, it is more important then ever to address the risks that insider threat can pose
The old adage “a chain is only as strong as its weakest link” is regularly repurposed for discussions about cybersecurity. It couldn’t be more apt—except in cyber-arena, each link is represented by an individual employee. That makes a lot of potential weak points for attackers to probe. And they do, relentlessly. Unfortunately, the switch to mass remote working during the course of the pandemic turned a long-running problem into an even bigger challenge for cybersecurity teams. 
Now that organizations are set to evolve a hybrid blend of home and office-based work for most employees, this is a challenge that can’t be ignored any longer. The stakes are simply too high. 
Although malicious insiders are a growing issue, the bigger problem relates to negligent or careless employees. Humans are the ones that click on links, set passwords, configure IT systems and code software. They are naturally error-prone and can be manipulated by social engineering. So, naturally they represent a prime cyber-risk for organizations and a major opportunity for threat actors. In a hypothetical world free of human-made mistakes, it’s difficult to imagine a cybersecurity industry  worth the estimated US$156 billion  it is today.  
How does human error contribute to security risk? A few statistics are worth highlighting. 
The financial impact of such threats is debated. However,  one estimate claims  that an insider breach on average cost global organizations nearly US$11.5 million in 2019, up by 31 percent on 2017 figures. 
With the pandemic came new opportunities to target employees. Almost overnight, organizations shifted from centralized IT systems secured with proven policies, processes and technology to a distributed workforce. Employees were not only using potentially insecure home networks and devices, but may also have been more distracted by home life, especially those with childcare commitments. Even those without suffered by being more isolated, making it harder to quickly sanity check suspicious emails with colleagues or IT staff. 
Stress also played a potentially key role here, increasing insider risk.  According to an ESET report  produced last year with business psychology specialist The Myers-Briggs Company, 47 percent of respondents were somewhat or very concerned about their ability to manage stress during the crisis. Stressed employees may be more likely to panic and click on a malicious link, or fail to report a potential breach to IT, the report warned. Long working hours may have a similar effect. Official data from the UK’s  Office of National Statistics revealed  that home workers were at their desks for on average five hours longer than office-bound colleagues in 2020. 
The ESET report had more concerning findings including: 
Alongside phishing, other hybrid working threats including: 
With a partial return to the office, hopefully some of these challenges will recede. Less stress and isolation may positively impact risk reduction efforts. But there’s also the potential for staff to bring bad habits learned during the crisis back into work—along with any malware hiding on devices. The ferrying of laptops back and forth between home and work may also increase the risk of lost or stolen devices. 
However, there are things that security teams can do to minimize the risks associated with the new hybrid workplace. These include: 
Insider risk management is all about trying to protect your weakest link from compromise. With best practice policies and processes supported by the right technology, there is hope for a more secure hybrid workplace. 
good cc shop cc fullz telegram