Insider Threat Awareness – Don’t Let End-User Errors Cost You

A key indicator of an organization’s overall cyber health is the daily activities and behaviors of its users. Even with effective policies, training, and security measures, we all have the potential to make mistakes – including some that can be significantly damaging. The World Economic Forum (WEF) emphasizes this concern, revealing that 95% of cybersecurity incidents stem from human error. Consider the following five prevalent cybersecurity mistakes made by well-intentioned employees.

1. Allowing unauthorized device access. According to Proofpoint’s User Risk Security Report, half of working adults let friends and family use their work devices at home. Unauthorized users may access sensitive data or inadvertently download malware, exposing an organization to a potential incident. To combat these risks, organizations should consider enforcing strong security measures like password protection and multifactor authentication (MFA), alongside a comprehensive information security strategy that emphasizes the importance of device security across all teams.
2. Misdelivery of sensitive information. Accidentally sending emails to the wrong recipient is a simple mistake that all of us are prone to. When those emails contain sensitive or confidential information the result is often a data breach. Ways to avoid these errors include enforcing encryption for sensitive emails, introducing pop-up reminders to verify addresses, and utilizing data loss prevention solutions as an additional safeguard.
3. Reusing passwords. Implementing a strong password policy is important, but if employees reuse their passwords on less-secure personal devices, websites, and applications, they create easy opportunities for cyber criminals. While there’s no completely foolproof way to prevent this, there are certain tools that can help identify compromised passwords. These kinds of solutions regularly scan your Active Directory against a database of unique breached passwords and alerts users to change their passwords if any compromises are detected.
4. Exposing remote interfaces. The rise of remote work has brought about a different set of challenges. IT teams frequently need to manage tasks from afar, but making administrative interfaces available online is akin to giving unrestricted access of your environment to anyone who has an internet connection. To enable remote access without compromising your security, it’s important to be cautious about what you expose to the internet. Furthermore, utilizing automated maintenance solutions can assist in reducing vulnerabilities and potential risks.
5. Misusing privileged accounts. By applying the principle of least privilege, organizations can ensure employees have access only to the resources needed for their roles, and it’s important to regularly review and adjust user permissions by revoking any that are no longer necessary.

Maintaining strict access controls plays a crucial role in protecting resources, data, and systems from unauthorized access, ensuring confidentiality, integrity, availability, and safety. Access controls should be enforced for users and devices. Security measures such as the separation of privileged accounts and zero-trust architectures help prevent unauthorized access and limit lateral movement. Fundamental 6: Enforce Access Controls from WaterISAC’s 12 Cybersecurity Fundamentals for Water and Wastewater Utilities provides guidance on this topic, including role-based access control, the principle of least privilege, the Zero Trust security model, and strong authentication.

For more information on the five common mistakes mentioned above, visit Bleeping Computer.