Skip to content


  • Add this article to your LinkedIn page
  • Add this article to your Twitter feed
  • Add this article to your Facebook page
  • Email this article
  • View or print a PDF of this page
  • Share further
  • Add this article to your Pinterest board
  • Add this article to your Google page
  • Share this article on Reddit
  • Share this article on StumbleUpon
  • Bookmark this page

When outsiders become insiders

PA’s John Skipper, a cybersecurity expert, is quoted in an article in Infosecurity Today which looks at the issue of insider attacks.

The article explains that the insider attacks are on the rise and that this type of attack, alongside criminal attacks are the most costly form of breach.

John says: “Our experience shows a significant growth in blended attacks, where the outsider attacker takes advantage of insiders who can be manipulated or who have been careless. That is the greatest risk for organisations.”

He goes on to say that deliberate malicious attacks are still rare, but very damaging.

The article explains that due to poor security practises such as password being shared between users, hackers can break into organisations and plant malware, attack other systems and even carry out social engineering attacks on key members of the business.

“It is possible to take a primarily technological route and to hack in through the firewall and then capture credentials,” says John. “This is either because they’re left in an insecure way, like passwords in Excel spreadsheets, or because of systems that are not properly configured and allow passwords to be captured.”

Cybercrime Tipping Point Survey

Cyber crime tipping point survey


The article explains that organisations should have a consistent policy in place but even more importantly they should bolster their protection against insiders by improving their incidence response so they are ready when an insider breach occurs. This is likely to be increasingly important as more hackers turn to the insider route to stealing information.

John says: “Relatively few CIOs have their heads around this completely. They’re becoming aware that it’s a key area to think about.”

John adds that “the majority of CIOs we work with are reasonably confident in boundary security. But few can monitor what is going on in their networks. That’s where the focus is now.”

The article concludes with John explaining that organisations are aware of insider threats and are aware that they need to act fast: “Most sophisticated organisations are making the assumption that some bad stuff will get in, and some already is in, and the ability to respond is at the top of the agenda.”

Contact the Digital team

By using this website, you accept the use of cookies. For more information on how to manage cookies, please read our privacy policy.