
Identifying and Mitigating Insider Threats – Cyber Security

BOITSHEPO BOLELE

Organisations face many threats, which can be coarsely separated into inside threats and outside threats. Threats from insiders are especially hard to counter since insiders have special knowledge and privileges. Therefore, malicious insider actions are hard to distinguish from benign actions.

When considering the security of organisations we must distinguish between threats and attacks. A threat is a menace against the organisation that can be caused by, for example, insufficient security precautions, incorrect configuration of security devices, or human error. An attack, on the other hand, represents a realisation of a threat; an attacker has identified a threat and uses it to his advantage. Clearly, organisations can face many threats and attacks at the same time.

While only an attack can potentially cause “real” damage, threats can, for example, cause loss of reputation. To minimise the likelihood of a given attack happening, organisations must therefore minimise the number of threats they are exposed to, or at least ensure that they can identify and are aware of threats.

Threats against an organisation can come from a multitude of sources, which can be classified based on different metrics. If we consider the origin of threats, they can coarsely be divided into threats from the outside and threats from the inside of the organisation’s perimeter. The usual goal of IT security precautions is to contain threats from the outside of an organisation; protecting the organisation’s perimeter and assets against outside threats is fairly well understood, and a multitude of techniques exist. These approaches usually assume that the inside of the organisation is well-behaved or trusted.

Threats from the inside, on the other hand, pose a completely different set of problems. Actors inside an organisation are legitimately entitled to perform certain actions as part of their work. It is therefore difficult to distinguish benign from malicious activities by insiders.

Insiders are trusted to adhere to the policies governing their work, and only to break them in certain situations. Different approaches to insider threats, and different communities, often use different definitions of what an insider is and of what constitutes an insider threat.

Defining Insiders and Insider Threats

Insiders

An insider is defined as an individual with privileged access to an IT system. This focus on IT systems is not surprising, since they are often used to realise insider attacks and are often the source of insider threats. On the other hand, organisations are much more than their IT systems, and if the fundamental definition already puts the focus on a specific technique, it is doubtful how well it can be used to address the whole spectrum of issues.

Key issues here are: access to the system, ability to represent, knowledge, and trust by the organisation. An insider is a person that has been legitimately empowered with the right to access, represent, or decide about one or more assets of the organisation’s structure.

Insider Threats

An insider threat is the threat that an insider can perform an action that violates the organisation’s goals or expectations. Goals and expectations can be realised as policies, but they can just as well be implicitly expected behaviour.

Mitigating Insider Threats

Containing insider threats requires three major components: identification of potential inside attackers and threats, monitoring. All of these techniques pose interesting research questions in the light of insider threats, mainly because inside attacks are executed with the rights and privileges of legitimate actors. This is why it is so difficult to identify an attack once it has started, and why it is so important to develop techniques to identify insider threats before an attack.

Identifying

When dealing with insider threats we need identification techniques in a number of areas, including, e.g., legal frameworks, policies, and human behaviour. The main goal of these techniques is to provide classifications of events and observations in order to decide whether or not an insider attack is in progress or to be expected.

Conflicting Goals

In the area of insider threats we have to deal with a number of conflicting goals in different areas, where realising either extreme results in severe consequences. These might be, e.g., violation of laws or serious damage to employees’ compliance with policies. Here we consider the two most serious ones, namely dealing with surveillance and privacy, and with regulation and autonomy.

Surveillance vs. Privacy

The antagonism between surveillance and privacy can be seen as the most important conflict between goals. Monitoring as much as needed will, with high probability, violate the privacy rights of employees and visitors, to name a few. When monitoring as little as possible to protect privacy, the monitored data will often not be meaningful enough to determine threats and attacks.

The problem is that the acceptable level can very well oscillate over time, depending on legal requirements, policies, and so on. Over-monitoring can result in an increased feeling of surveillance and distrust, weakening employees’ identification with the organisation.

Boitshepo Bolele is a Director at Hlanganani ICT Botswana, a BQA Accredited Institution, located at Unit 21 THE OFFICE. For preliminary assessment of insider threats, contact us on 3980483 / 3132255 / 72537788 or email boi.bolele@gmail.com
