While threats to the confidentiality, integrity, and availability of data may originate from many types of attackers, the information security threats from trusted insiders—such as employees, vendors, and contractors—can be particularly insidious because the attackers have legitimate credentials on enterprise systems and networks. Insider threats may be difficult to detect because it can be challenging to differentiate between potentially harmful actions and an employee’s authorized work.
Share a relevant story, ideally based on your personal or professional experiences, about how a security incident originated with an attack vector that was opened, either maliciously or accidentally, by a trusted insider. Focus your discussion on what makes this particular insider attack unique by describing the salient features of the attack, when and how the breach incident was discovered, the data that was illegally accessed, and the short- and long-term consequences of the attack for the organization.
Sample Solution
I recently worked with a bank that had experienced an insider attack in which confidential financial information and customer data was stolen. The attacker was an employee who had been granted access to sensitive information as part of his role at the bank. He used this access to illegally download sensitive account details, including passwords, account numbers, and other information such as customers’ addresses and phone numbers.