In the world of cybersecurity today, insider threats are a hot topic of conversation, and for good
reason. Research conducted by Crowd Research Partners and Cybersecurity Insiders found that
90% of organizations feel vulnerable to insider attacks for multiple reasons that include an ever-
changing landscape of technology and devices as well as excessive access privileges and other
factors. Moreover, 53% of companies confirmed insider attacks against their organization
Insiders have a significant advantage when it comes to penetrating your security. Security
solutions such as firewalls and access controls have been built to stop external attackers, not
trusted insiders. Whether their intentions are benign or malicious, it is still a threat to your
An insider threat, as defined by the CERT Insider Threat Center, is a current or former employee,
contractor, or other business partner who has or had authorized access to an organization’s
network, system, or data and intentionally misused that access to negatively affect the
confidentiality, integrity, or availability of the organization’s information or information systems.
The public might be most familiar with high-profile security breaches and intelligence situations
like the Edward Snowden case, but the reality is that insider threats pose a critical concern for
organizations across all industries. And insider threats caused by malicious or accidental
offenders can put your organization and data at risk.
While most organizations respect the privacy of staff’s communications, if your organization has
a high risk of costly data breaches, you will need an adequate insider threat detection strategy.
Honeypots may seem like a more time-consuming security measure than the standard
approach, but in reality, they are a very practical solution.
Data collected by honeypots can be used to enhance the rest of your company’s security
systems. Unlike other systems, honeypots allow you to understand the hacker: what they want,
how they are breaking in, what systems they exploit and more.
Honeypots are cyber systems and processes set up to appear operational to collect information
on threat behavior and vectors. Real or simulated systems and processes are configured to
appear as if they are real systems, often with vulnerabilities. Many of the previously described
sensors are inserted within and around honeypots to collect data on threat behaviors.
Honeypots have been used for everything from single servers to networks of servers,
through client processes and files or information. Honeypots are a common technique and tool
for sensoring uncontrolled threat sources.