Do you know your insider threat personas?
In this this edition of Insider Threats Personified we’ll see how employees, no matter how well-meaning, can inadvertently aid in the lateral movement of threats through the distribution of malicious URLs or attachments. We’ll also explore best practices your IT team can implement to quickly identify and remediate threats.
Good Intentions Creates Cyber Risk
Meet Joe. Joe is a diligent employee with a strong moral character. Like the rest of his organization, he has received training on cybersecurity best practices. When he receives a suspicious email in his inbox, he decides the best course of action is to alert IT. He forwards the email to the IT Team distribution list so it can be addressed appropriately. However, his good intention results in the malicious email being propagated to 120 IT team members globally!
Although his intentions were good, and Joe was trying to do the right thing, he unintentionally distributed the threat to a wider internal audience and increased the likelihood of triggering a cyberattack within his company.
Lateral Spread of Malware
No email security solution is perfect, and no matter how good your secure email gateway is, there is always the chance that a malicious email could make its way into your end user’s inbox. If this happens, your employees can prove to be your greatest asset or your weakest link when it comes to serving as a human firewall.
In this scenario, although Joe was trained in cyber awareness on how to spot a questionable email and knew not to click on any malicious URLs or attachments associated with it, human error was still introduced into the equation. Joe made what he thought was the best choice given the situation, but instead of thwarting the cyber threat, he contributed to the lateral distribution of this attack throughout his organization.
All it takes is for one other employee to click on the URLs or open the attachments associated with this email to compromise the entire organization’s email security defenses.
Create a Stronger Internal Threat Action Plan
Traditional email security solutions focus on protecting inbound email from phishing attempts, malware, impersonation attacks, malicious URLs and attachments and other sophisticated attacks. But sometimes a cyberthreat still makes it through your gateway. Once that threat ends up in an end user’s inbox, there’s a good chance that it will be internally spread through the actions of your employees.
- Do you have systems in place to help mitigate these internal threats?
- How are you protecting your internal-to-internal and outbound email traffic?
In this scenario, threat remediation services integrated into your current email security solution would enable your IT staff to automatically or manually remove emails from users’ inboxes that should not be sent or viewed.
Learn more about Mimecast Internal Email Protect and how it can help protect your organization from the internal spread cyberthreats.
Want more great articles like this?Subscribe to our blog.
Get all the latest news, tips and articles delivered right to your inbox
You will receive an email shortly