ThriveDX Labs

Internal Network 

A risk from within


Blog • 3 min. read

January 16, 2022

The Risk of an Insider Threat

The next incident in an organization may be caused, intentionally or accidentally, by an employee rather than by a malicious hacker. Statistics show that more than 34% of businesses around the globe are affected by insider threats yearly. In addition, it is estimated that insider incidents increased by approximately 47% over the past two years.

Organizational networks are exposed to a myriad of risks that should be addressed and constantly monitored to keep them and their assets safe. The risk of an insider threat is one of the most common and dangerous of those threats. An insider threat can originate from a frustrated employee, from human error by an employee, or from contractors and suppliers with access permissions to assets.

To better understand the high-risk potential of an insider threat, visualize the following scenario: John is a newly hired employee who joined the development team in an organization. As part of the development team, John has permission to access the source code of the organization’s product. While John works on a complex task he was assigned, he turns to “Stack Overflow” to get some assistance from the community. John writes his question in the forum and accidentally uploads pieces of code with sensitive information. What will be the results of John’s actions? What kind of sensitive information was leaked? What can be done about it?


Organizational Network Governance

An organization’s security level is based, among other measures, on simple controls, such as the implementation of policies and procedures, and on advanced controls, including SIEM, SOAR, and CASB solutions.

While sophisticated solutions can be used to identify suspicious activities and respond to them, they won’t be effective if an account exists with permissions that can disable them or exclude certain actions, accounts, and hosts.

Access permission management and identity governance in organizational networks are an essential part of an organization’s security posture. An employee with excessive access permissions to assets may just be a ticking time bomb waiting to be triggered. Excessive access permissions may lead to the leakage of sensitive information, such as source code and PII, which, in turn, can cause substantial reputational and financial damage to the organization.

To effectively avoid a potential insider threat attack, an organization must implement procedures such as identity governance, adhere to the principle of least privilege, implement vendor best practices, and invest in tailor-made security awareness training for all employees.


The Necessity of Risk Assessments

Organizational network management systems such as “Windows Active Directory” provide tools that can be used to secure network configurations, many of which are not enabled by default. In many cases, networks are not configured with the best possible level of security due to a lack of knowledge and training.


Risk assessment projects include the examination of organizational security processes, procedures, and security configurations. A properly conducted risk assessment identifies security gaps that must be addressed.


A professional risk assessment includes, but is not limited to, system configurations, permission allocation to accounts, permission review frequency, implementation of best practices, and team awareness of security threats.

Sources 

Techjury, accessed 12 December 2021, <https://techjury.net/blog/insider-threat-statistics/#gref> 

About ThriveDX Labs

We strive to help organizations protect themselves against threats in today’s cybersecurity landscape. We utilize the same advanced techniques and cutting-edge tools as real threat actors to expose security gaps in applications and network infrastructure and assist organizations with bridging those gaps to prevent real damage.
