More Related Content Similar to 5 Types of Insider Threats and How to Detect them in Your ERP System (20) 5 Types of Insider Threats and How to Detect them in Your ERP System1. 5 Types of Insider Threats in Your ERP System
5 Types of Insider Threats
©2021 Appsian Security. All rights reserved.
Average time to identify and
contain an insider threat incident²
77days
Average number of
data breaches caused
by insider threats1
Average cost per
insider incident²
57% $11.54m
Not all insider threats are disgruntled employees. Regardless of who
they are, an insider who is intentionally or unintentionally violates a
business, security, or data privacy policy can inflict plenty of damage.
Appsian360 Enables Rapid Detection and
Response to All Insider Threats in Your ERP
Contact us today to see how Appsian360 can help your organization detect insider threats in real-time.
Appsian is the Global Leader in ERP Data Protection. Designed For: PeopleSoft, Oracle E-Business Suite, & SAP ECC/S4HANA.
Appsian360 provides deep, actionable insights that support ERP data security and compliance.
THE CARELESS WORKER
Motive: Actions are inappropriate and clueless as
opposed to malicious.
Behavior: Unintentionally breaks security policies,
mishandles data, and ignores security training.
Potential Damage: Likely falls for phishing scam
resulting in compromised account.
THE SHORT-TIMER
Motive: Opportunistic. Ranges from contractor
to off-boarding employees.
Behavior: Lack of loyalty leads to taking
liberties with security policies and not treating
corporate data with the respect it deserves.
Potential Damage: Sensitive information and
data leaving the company and ending up in the
wrong hands.
THE MALICIOUS INSIDER
Motive: Malicious Intent. Seeks financial rewards
or personal gains.
Behavior: Employees using their own credentials
to commit fraud or data/financial theft.
Potential Damage: Financial loss and compliance
violations.
THE DISGRUNTLED EMPLOYEE
Motive: Feels unhappy or disrespected.
Behavior: Willfully violates data privacy policies
by accessing PII or compensation data of others.
Potential Damage: Employee conflicts around
exposing compensation and personal information.
THE ARROGANT INSIDER
Motive: Believes they are exempt from security
policies.
Behavior: Deliberately downloading data to
personal devices not approved by the company.
Potential Damage: Sensitive information left
unsecured and exposed to hackers.
Statistical Sources
1
Verizon Insider Threat Report
2
2020 Cost of Insider Threats Global Report
Culprit:
The Careless Worker
Monitor remote access
attempts to ensure
they are not coming
from suspicious
locations or after-hours.
Culprit:
The Arrogant Insider
Monitor instances of
query running and
download attempts of
sensitive data onto
unauthorized devices,
from suspicious locations,
or outside business hours.
Monitor data access
for particularly
sensitive fields,
including compensation
data and executive payroll.
Detect Compromised User Accounts
Detect Privileged Access Abuse
Prevent Downloading and Reports
Culprit:
The Disgruntled Employee
Detect fraud and
theft using real-time
information on
transaction edits and
changes to records.
Uncover Instances of Fraud & Theft
Culprit:
The Malicious Insider
Ensure compliance
with current business
policies by monitoring
access to and downloads
of sensitive data.
Enable Data Compliance
Culprit:
The Short-Timer
www.appsian.com
About Appsian
And How to Detect them
in Your ERP System