Insider Threat

The Rise of the

The Rise of the Insider Threat and How ZoneFox can help you protect data

01/11/2018 Insider Threat Data protection

Hackers, cybercriminals, malware infections and other external threats seem to dominate the headlines at the moment, making it easy to overlook the fact that a huge portion of data breaches and system compromises come from within organisations rather than the outside.

A recent report from McAfee found that internal actors are responsible for 43% of data loss - with half of these incidents being intentional, and the remainder accidental. So, how do you protect your IT infrastructure and assets when the problem is already inside your walls?

Identifying Potential Insider Threats

Enterprises can get a step ahead by identifying not just insider actions that compromise, but also people likely to perform those actions. There are two types of insider who represent a cyber risk:

Type A - Malicious

These individuals put an enterprise at risk for their own personal gain, for revenge, or both. Misdeeds could include the theft of valuable data and Intellectual Property (IP), exposing data to the public, and hijacking or sabotaging databases and servers.

Why do they do it? Possible reasons for malicious behaviour include personal financial issues, lack of promotion and poor management.

Type B - Negligent

Unaware of basic precautions for handling sensitive information, error-prone or simply careless, these individuals do not intend to harm. Whether it’s losing mobile devices or thumb drives, to giving away business information when chatting on social networks, these accidental mistakes can be as costly as the deliberate attacks of others.

How ZoneFox Can deliver Data Protection

Organisations need complete visibility of their data flow - they need to know who is accessing what data, where and when.

ZoneFox does this in two ways. Firstly, it provides the option of a rule-driven approach - for example to compare activities and flows with enterprise security policies.

Secondly, it offers an advanced machine learning capability to spot suspect and risky behaviour. Threat hunting and threat discovery are facilitated by full records of network activities.

Find out more about the rise of the internal data risk

By identifying and categorising risky users and putting controls in place to help security staff spot attacks earlier you can begin to create an effective insider threat program. Download our Report for a full list of risky behaviours and how to prevent, detect and contain the insider threat.


Share This


Katie Gordon

Find out more


Learn how ZoneFox helps secure sensitive information against the insider - one of the most dangerous threats that all organizations face - delivering total data visibility, whether it’s on OR off your network.

Book your tailored Threat Test