Cracking open insider threats

Features
By published

Leaders need to perform strict identity measures on would-be hires – and ensure employees who leave have access promptly removed

The words ‘Cracking open insider threats’ overlaid on a lightly blurred, image of scan lines. Decorative: the words ‘insider threats’ are in yellow, while other words are in white. The ITPro podcast logo is in the bottom right corner.
(Image credit: Future)

Cybersecurity teams face a constant battle of ensuring their company is shored up in the right places. Facing down increasingly sophisticated and persistent threat actors, there’s every reason to focus on one’s perimeter to shield oneself against external threats.

But insider threats – attacks carried out from within an organization’s environment – must also be part of any business’s security strategy. When the call is coming from inside the house, either via a hacker who’s secretly gained access or in the form of a disgruntled employee, security teams need to be ready to clamp down hard.

In this episode, Jane and Rory welcome back Ross Kelly, ITPro’s news and analysis editor, to discuss the scale of these insider threats.

Highlights

“If someone's been dismissed, or if someone's leaving on bad terms, it should certainly be, you know, front of mind for any IT administrator make sure that they do not still have access to the crown jewels.”

“The level of sophistication here is quite impressive. It also points towards a growing level of technical proficiency among threat actors here, they're able to get into these companies as employees and then essentially wreak havoc. ”

“With AI and the deepfake question there, it has accelerated significantly over the last two years. Whereas when you look at, say, the ransomware situation and the fight against that from people on the front lines in the information security space, that's been a far more long-running campaign.”

Footnotes

Subscribe

Rory Bathgate
Rory Bathgate
Features and Multimedia Editor

Rory Bathgate is Features and Multimedia Editor at ITPro, overseeing all in-depth content and case studies. He can also be found co-hosting the ITPro Podcast with Jane McCallion, swapping a keyboard for a microphone to discuss the latest learnings with thought leaders from across the tech sector.

In his free time, Rory enjoys photography, video editing, and good science fiction. After graduating from the University of Kent with a BA in English and American Literature, Rory undertook an MA in Eighteenth-Century Studies at King’s College London. He joined ITPro in 2022 as a graduate, following four years in student journalism. You can contact Rory at rory.bathgate@futurenet.com or on LinkedIn.

More about cyber attacks
A CGI render of a warning symbol representing malware, sitting on an abstract computer surface. Decorative: the warning sign is glowing red and there is blue and yellow diffused light throughout.

What is an APT and how are they tracked?
Jeremy Fleming, former head of GCHQ, onstage with Haider Pasha, chief security officer, EMEA & LATAM at Palo Alto Networks at Ignite London 2025.

Businesses must get better at sharing cyber information, urges former GCHQ chief
An abstract image showing blocks of blue shiny material overlaid on one another to represent LQMs and AI.

What are large quantitative models (LQMs)?
See more latest