The Russians Are Coming: The Sources Of Cyber Security Threats Might Surprise You

The news is filled with alleged cyber attacks coming from the Russians. The Chinese, Russian and North Korean governments are all major “state actors” in cyber incidents.  Professional syndicates are located in haven countries like Russia, the Ukraine and Philippines often proceed with a tacit agreement between the host country and the cyber criminals that cybercrime will not be committed within the host country’s national borders in exchange for free reign abroad.

What would surprise many people to know, is that the majority of malicious and negligent actions causing security breaches come from insiders.  Indeed, according to a 2016 Ponemon study, 73% of breaches come from “internal” sources.  “Malicious insiders” are still the third largest source of cyber security threats.  Indeed, the activities of malicious insiders have the highest annualized cost to companies and take the longest to resolve.  The causes of these breaches are:

–  Lack of diligence in hiring.

–  Lack of training.

–  Lack of employee monitoring.

–  Lack of diligence in guarding from former employees.

In some ways, it is easier to think that the “bad guys” are in Russia or North Korea (and they are), but more often than not, it is a company’s current and former employees that are the most likely sources of a cyber security breach. Diligence and discipline, as with so many things in life, must start at home.

Stephen E. Yoch is an attorney at Felhaber Larson in Minneapolis who represents clients on cyber security issues. More information can be found at www.felhaber.com. syoch@felhaber.com; (612) 373-8559.