NetSPI Field CISO Nabil Hannan shares advice on key vulnerabilities to be aware of during National Insider Threat Awareness Month. Read a preview below or view it online here.
National Insider Threat Awareness Month (NITAM) is an annual, month-long campaign that takes place in September to educate government and industry about the risks posed by insider threats and the role of insider threat programs. This year’s theme is “Bystander Engagement,” which emphasizes the importance of all employees being aware of and reporting suspicious activity.
Insider threats are one of the most significant security risks facing organizations today. They can come from a variety of sources, including disgruntled employees, malicious insiders, and careless insiders. Insider threats can cause significant damage to an organization, including data breaches, financial losses, and reputational harm.
NITAM is a critical opportunity for organizations to raise awareness of insider threats and to implement effective insider threat programs. By educating employees about the risks and by encouraging them to report suspicious activity, organizations can help to protect themselves from insider threats.
In this round up article, we will be sharing commentary from a number of industry experts on the importance of insider threat awareness. We hope that this article will help to raise awareness of insider threats and that it will encourage organizations to take the necessary steps needed to protect themselves.
Nabil Hannan, Field CISO, NetSPI
“This National Insider Threat Awareness Month, it’s important to raise awareness around some of the most commonly exploited vulnerabilities within an organization’s internal network. According to NetSPI’s 2023 Offensive Security Vision Report – which is based on more than 300,000 pentesting engagements – we found that excessive internal permissions continue to plague organizations. We witnessed network shares or SQL servers that unintentionally allowed access to all domain users, which often contain sensitive information, credentials to other services, or customer data (suchas credit card numbers or PII). Unexpected excessive privileges leads to a large number of internal users having access to unintended sensitive data. All it takes is one rogue employee to cause major damage.
Additionally, weak or default passwords continue to be used within organizations, especially when accessing internal networks that contain highly sensitive information. Unlike interfaces exposed externally, interfaces on the internal network typically don’t require multi-factor authentication, making the likelihood of compromise much greater. Basic security hygiene, as well as an understanding of internal sharing protocols, can provide a solid foundation in bolstering protection against insider threats.”