Prepare for insider threats says former Snowden investigator

One third of all cybercrime incidences are caused by insiders says Keith Lowry

One third of global cybercrime incidences and security breaches are caused by insiders but some organisations are not taking the insider threat seriously, according to Nuix business threat, intelligence and analysis vice president Keith Lowry.

Lowry was the chief of strategy and evaluation group with the US Office of the National Counterintelligence Executive which led the investigation into whistleblower Edward Snowden.

Snowden leaked documents exposing mass surveillance programs undertaken by the US National Security Agency and a range of agencies in other countries.

“It is estimated that over one third of all cybercrime incidences and security breaches are caused by insiders. The true figure is much higher because many organisations don’t always know when an insider breach has occurred or they may be reluctant to report incidents,” he said.

Lowry advised organisations to become more proactive rather than reactive by broadening the scope of cyber security from being focused on the perimeter.

“The perimeter is important; however, those activities alone are usually defensive in nature,” he said.

“We must use technology and human interaction that puts us where that adversary is going to be, not where they were yesterday. We need to define and understand what data we possess that the adversaries want and focus our efforts on protecting those pieces of information.”

Protection can include encryption of data, limiting staff access to critical information and running background checks on employees.

Lowry added that a pitfall of relying on post-activity security alerting is that it can take days before a malicious event is reported.

“This delay can cause scandal and public embarrassment.”

In addition, he said the financial costs for governments, corporations and individuals amounts to hundreds of billions of dollars each year globally.

For example, insiders can steal or leak financially valuable data, such as credit card numbers and personally identifiable information, which can be used to commit fraud or sold on the black market.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags insider threatsinsider threatEdward SnowdenKeith Lowry

More about National Security AgencyNuixTwitter

Show Comments