Who’s the Insider Threat in Your Company?

November 18, 2019 • Category: PCI 101

Guest post by Mark Pribish, Merchants Information Solutions, Inc.

At this year’s Black Hat conference – which is the largest information security event in the world – I sat in on a very informative presentation by John Grim, Managing Principal – Americas, Verizon Threat Research Advisory Center (VTRAC). His topic was insider threats and key findings from the Verizon Insider Threat Report.

Grim began the presentation by highlighting Verizon’s five insider threat categories:

  1. The Careless Worker
  2. The Inside Agent
  3. The Disgruntled Employee
  4. The Malicious Insider
  5. The Feckless Third Party

As a side note, I had to look up the word “feckless” which has a number of meanings including irresponsible, incompetent, inept, and lacking character.

Grim defined insiders as “full- and part-time employees, independent contractors, interns, and other staff, as well as business partners and third parties with some level of privileged access.” He also said that “human resource controls, security access principles, training and third-party management controls can mitigate risks.”

According to Verizon’s Insider Threat Report, “twenty percent of cybersecurity incidents and 15 percent of the data breaches investigated within the Verizon 2018 DBIR originated from people within the organization, with financial gain (47.8 percent) and pure fun (23.4 percent) being the top motivators.”

In addition, these attacks, which exploit internal data and system access privileges, are often only found months or years after they take place, making their potential impact on a business significant.

To put all this in perspective, Capital One’s recent data breach involved this very kind of insider threat, the “feckless third party”: an irresponsible former Amazon employee, lacking character and integrity, who is now being charged with computer fraud.

Just as I wrote in a recent LinkedIn post about Capital One’s data breach event that the question should be “who’s in your wallet?”, I believe every business and organization, based on Verizon’s Insider Threat Report, should be asking “who’s the insider threat in your company?”

Along with reading the Verizon Insider Threat Report, I recommend checking out Chris Bucolo of ControlScan’s blog post “Minimizing the Human Impact on Data Security,” which shares excellent tips for combatting insider threats at your organization.


Mark Pribish has 29 years of insurance and risk experience, including the identity theft and data breach risk management business sectors. As VP and ID Theft Practice Leader at Merchants Information Solutions, Inc., Mark has helped lead the product line development, marketing and sales for consumer identity theft and small business data breach solutions. Prior to joining Merchants, Mark held senior-level positions at AIG and Aon. He has authored hundreds of articles and is frequently interviewed by local and national media as an ID theft and data breach risk management expert. He is a graduate of the University of Dayton.