Your business may be high-tech and digital, but your employees exist in the physical world, and that makes them vulnerable to blackmail, intimidation and violence. The ISF says that over the next two years, well-funded criminal groups will combine their global reach and digital expertise with the very real threat of violence to coerce privileged insiders into giving up mission-critical information assets (e.g., financial details, intellectual property and strategic plans).
These privileged insiders may be senior business managers and highly placed executives, but they could also be their personal assistants, systems administrators, infrastructure architects, network support engineers and even specific external contractors. Extreme cases could involve "tiger kidnapping" of the insider's family.
ISF believes criminal gangs are likely to turn to these methods for three reasons:
- They can significantly reduce the level of cyber expertise they require and replace that expertise with "muscle."
- They can continue to have access to compromised individuals and persuade them to act again.
- They can steal mission-critical information while operating at "arm's length."
To protect yourself against these threats, ISF recommends you take the following actions:
- Identify your mission-critical information assets and the individuals who own and access them.
- Invest in special measures to protect individuals with privileged access (e.g., instruction in physical security precautions; exposure to social engineering methods).
- Implement mechanisms to protect your organization against the insider threat (e.g., screen prospective employees; embed appropriate clauses in employment contracts).
- Adopt a trust-but-verify approach to privileged insiders (e.g., foster a culture of trust, while verifying and monitoring appropriate system access).
Theme 2: Trust in the integrity of information is lost to distortion
To make good decisions, your business depends upon accurate and reliable information. If the integrity of that information is compromised, so is your business. This issue has risen to prominence recently with the 'fake news' that has begun swirling around major politicians. The ISF believes that over the next two years, attackers will spread lies or distort internal information in the hope of gaining a competitive or financial advantage at the expense of targets' reputations or operational effectiveness.
"With volumes of data increasing to the levels that they are, we've reached a point where it's absolutely impossible for anybody to really, absolutely ensure the integrity of data," Durbin says. "How do we work with the business to ensure we make the information they're using to make decisions as accurate as possible? We're going to see this change in the way that the CISO, in particular, is viewed within the enterprise. We've for so long assumed this is an IT security thing, but CISOs have been talking about their role and how that has evolved much more to reflect the business; it's more akin to risk management in the information space."