When talking about computer security, some of the most common issues that come into people’s minds include malicious outsiders, viruses or malware that try to break into the computer networks (Johannes and Michel 2009). Conversely, information technology researchers highlight that there is as much threat on the inside of the organization’s firewall just as from exterior (Johannes and Michel 2009). An insider threat can be described as a malicious hacker who has a legal access to the company’s networks and computers. This can also be applied to refer to an individual outside the company but poses as an officer or employee of the company through false credentials, and can also be business partners, contractors, auditors, or alumnus possessing a legitimate email address of the company. These individuals are often concerned with activities that are aimed at causing harm to the company (Nicholas 2008).
Firion has given privileges to some employees who are authorized to access IT resources appropriately for the benefit of the firm. This in itself is a great threat to the information security of the firm since some of these are very intelligent and could carry out fraudulent activities without being detected. On the other hand, the firm has discovered some mistakes by some employees that appear malicious and fraudulent, like disclosing company information to outsiders. This is very compromising to the defined security policies for a company’s IT.
In addition, another insider threat still faces Firion, the employees who mask their identity to carry out malicious activities that compromise the security of the database. Information specialists in the company are of particular concern because they possess the skills and access to engage in malicious activities. Of particular concern here are the system programmers, system administrators, operators and network specialists. The amount of potential damage they can cause the firm is significantly higher the average computer users since their job functions elevate them above other employees in terms of access and skills.
However, it is important to note that not all insider threats are malicious since this can happen as a result of a careless activity that is not actually aimed at causing any harm to the company (Johannes and Michel 2009). Nonetheless, one thing remains clear, that insider threats are actually costly to the company, especially for those that have no resources that could be applied to watch on such actions, stop adverse outcomes, or shun destruction in case data leakages take place (Nicholas 2008).
Basically, the harm generated by the insider threat can come in various forms, for instance, the introduction of Trojan horses, worms and viruses, theft of money, theft of corporate secrets or information, deletion of data or corruption, changing data to generate fake criminal evidence, or the theft of the identities of the key individuals within the company (Nicholas 2008). In addition, it can be noted that the insider threat affects almost all components of the computer security (Johannes and Michel 2009). However, security against the insider threat entails implementing measures such as the multiple spyware scanning programs, firewalls, archiving routine, rigorous data backup and anti-virus programs. Information technology experts highlight that the mitigative and protective measures are difficult to implement without causing damage to the company’s normal operations, one reason why insider threat is often viewed as a costly problem to the general organization.
In order to protect the company and meet regulatory requirements, security best practices must extend to the protection of information systems. Firion needs to maintain best policies for their information and data systems for all their intra-agency communication and for all their contractors. Some employees in the firm seem to have more access to the data in the information systems. This dramatically increases the risk of potential abuse and theft. This risk from insiders is increased by the fact that those accessing the data are aware of its value (Nicholas 2008).
Motivation of insider threats
Insiders are motivated by different forces to compromise the IT system in their company. Research has developed general motivating typologies for such criminals, based on a similar typology for serial rape or murder investigations. The five general typologies were: opportunistic, power assurance, sadistic, anger retaliation and profit. It has also been discovered that some insiders are people with strong technical skills, often motivated by a desire to gain popularity among their technology peers (Rogers, 2001). However, money remains an important motivation for targeting specific systems, and the growing trend is now to earn profits from these fraudulent activities. In cases where illicit profits are potentially large, some employees can go as far as developing more efficient and effective computer codes for theft (Rogers, 2001). However, some employees are motivated by a combination of these factors.
Disgruntled employees are also a common source of insider threats. This is applicable to current employees, former employees, contractors and consultants. Such employees could be motivated by frustrations, anger and discontent towards the employer and they may be motivated by the desire to revenge (Backhouse and Dhillon, 2000). It is easy for an employee to get corrupted when they know that their termination is imminent. Firion is not free of this group of insiders, and the results are devastating. In addition, employees understand that information is very costly and that they can easily trade it to other competitors. This causes considerable damage, since IT assets are very critical in a firm. Stress, whether personal or work related is also a major threat to a company’s security (Backhouse and Dhillon, 2000). These workers represent a great risk to a company since stress is a critical factor in insider threat chain of events. Some IT specialists could also be dissatisfied with their work or insecure about their future job creating a large pool of potential attackers.