Question

Employees present a serious threat to the security of an organization.

Give four reasons why employees are especially dangerous to the security of an organization.

What type of employee do you think is the most dangerous? Why?

Share any experiences that you have had with insider security threats.

Answer 1

//I will be writing the answer according to my personal perspective. I hope that will be good enough. Thank You!

Employees can present a unique and dangerous set of threats to the security of any organization. Given below are some of the major ones:-

1. Phishing

Phishing poses one of the greatest risks to companies as a well-meaning employee can quickly (and maybe unintentionally) cause a security threat with the click of a link. Training employees against the acts of phishing can only do so much, there is still no guarantee that they will not fall for it.

2. Social Media

Social media is a new medium for cybersecurity threats and it's difficult for companies to monitor, let alone secure. It has been found in a plethora of surveys that most of the major malwares often present themselves in the form of a shortened link on networking sites. Users might not think twice about clicking-out from a tweet or Facebook post since shortened links have become the norm on social media sites.

3. Adult Content

According to a recent survey, one in every 20 U.S. employees has accessed adult content on a work device, but naivety isn't an excuse. Eighty percent of those who admitted to doing so also acknowledged it put the company's security at risk. The danger is more than a potential work-place harassment lawsuit. It must be realized that most of the adult websites often contain other far more dangerous malicious content within their links. That's how majority of these adult websites make their money and hence through unknowing users, possess an immense threat to the company.

4. International Risks

This is particularly in the interest of international companies. What is considered legal in one country may not be legal in another. Take adult content to be an example. Adult content can quickly take on more meaning in other countries, and it's something employers need to educate employees about. The security risks become greater if employees are unknowingly accessing illegal content while traveling for business.

Any employee who is ignorant of the dangers posed by the ever-increasing grasp of social media and digitization of the world around us poses the biggest threat to his/her organization. A few years ago, one of the senior managers of our company (not to be revealed) got fired since she accessed highly questionable materials through company servers without going through proper IT channels, thereby posing a tremendous threat to the entire network server system, as was revealed in the investigation later. This case served a reminder to the rest of us to be more vigilant in our workplace and take steps to ensure the company's internal security is never at risk.