Guess what is the biggest vulnerability in your entire, sophisticated, computer network? It’s not the firewall. It’s not the Wi-Fi. It’s not even missed patches, passwords or protocols. It’s the people in front of the keyboards! Yup… employees are the biggest threat!
Imagine your network is like Fort Knox. Armed guards, massive concrete barriers, 18” thick steel doors, and counter-measures we can’t even guess. Now, imagine an employee invites a bad guy right in using their own keys/passwords. All that security means squat. The bad guy is welcomed inside. That is what we see most often, and it’s the easiest way for the bad guys get inside. Terms like “Phishing” and “Social Engineering”, to name a few, are hot areas in the seedy areas of cyber bad guys because they are easy and they work.
Sometimes it is the employee that IS the bad guy. Maybe they are mad - they didn’t get the raise the expected. Maybe they are going to start their own competing firm. Maybe they want to take all the firms hard work over to their next employer. Maybe they just want to hurt the firm very, very badly. Most networks aren’t designed to protect from an insider.
Worse, many of these attacks simply go undetected. Someone may be taking documents, databases, client lists, emails and such for months and no one ever finds out.
But there are ways to plug these holes. Proactively prevent problems. Unfortunately, most firms don’t think about this until after something goes very wrong.