New Frontiers of Network Security: The Threat Within

TL;DR

This paper discusses the rising threat of insider attacks within organizations, analyzing attacker motives, and proposes mitigation strategies to counteract these security risks amid increasing mobility and connectivity.

Contribution

It provides a comprehensive understanding of insider threats, attacker motives, and introduces mitigation techniques tailored for organizational security enhancement.

Findings

Insider threats account for nearly 70% of security breaches.

Mobility and ubiquitous connectivity increase insider threat risks.

Mitigation strategies can significantly reduce insider attack impacts.

Abstract

Nearly 70% of information security threats originate from inside an organization. Opportunities for insider threats have been increasing at an alarming rate with the latest trends of mobility (portable devices like Laptop, smart phones etc.), ubiquitous connectivity (wireless or through 3G connectivity) and this trend increases as more and more web-based applications are made available over the Internet. Insider threats are generally caused by current or ex-employees, contractors or partners, who have authorized access to the organization's network and servers. Theft of confidential information is often for either material gain or for willful damage. Easy availability of hacking tools on the Internet, USB devices and wireless connectivity provide for easy break-ins. The net result is losses worth millions of dollars in terms of IP theft, leakage of customer / individual information, etc. This paper presents an understanding of Insider threats, attackers and their motives and suggests mitigation techniques at the organization level