Combatting scams and insider threats during the cost-of-living crisis

by: Richard Ford, Chief Technology Officer, Integrity360

Despite narrowly avoiding a recession in the final quarter of 2022, the UK economy is far from out of the woods.

While the zero growth recorded in Q4 marked a slight improvement on the 0.2% fall in Q3, GDP actually shrank by 0.5% in December alone, with figures also showing that the country’s trade deficit with the EU hit record levels in the last three months of 2022. As a result, the UK remains the only G7 nation yet to fully recover the output it lost during the pandemic.

Unfortunately, things haven’t really improved since the turn of the year. Indeed, March 23 saw the Bank of England commit to a further base rate hike, raising it to 4.25% – the highest level in almost 15 years – after inflation unexpectedly jumped to 10.4% in February.

We continue to be confronted with stark reminders that the current financial squeeze won’t be subsiding anytime soon, and that people across the country will continue to be impacted.

While much of the focus has been on the individual, enterprises have found themselves in an equally tricky spot. As the cost of doing business also continues to spike, many firms have been forced to focus on cutting costs, ditching services, applications and solutions deemed to be low in value. According to a report from Oracle, 100% of CFOs believe inflation will continue to be the primary issue through 2023, and 78% are looking at cutting costs to help fight inflation.

From a security perspective, this is concerning. At a time when focus is largely centred on improving margins and reducing expenditure, many may be tempted to cut their defensive budgets. Yet this really is the last thing organisations should be doing right now.

Navigating internal and external threats

If we’ve learned anything from the pandemic, it’s that cybercriminals will jump at the slightest opportunity to exploit companies in a crisis, and there’s clear evidence to suggest that this trend has continued in relation to the current economic situation.

Since September 2022, we’ve seen a spike in phishing emails mimicking the UK’s Department for Work and Pensions (DWP) and encouraging people to apply for fake cost-of-living payments and government support packages. So much so that the DWP itself recently took to social media to warn people to “watch out for scammers”.

However, it’s not just increasingly sophisticated, adaptive and intelligent cybercriminals that firms have to watch out for. Equally, they need to concern themselves with insider threats.

While research shows that the number of insider threats has risen 44% over the past two years, with costs per incident up more than a third to $15.38 million, there’s now the very real possibility that we will see an even greater uptick in attacks driven by internal actors.

With some organisations forced to delay promotions, pause wage rises and even make redundancies as they struggle to manage rising costs and stay afloat, many unfortunately need to be prepared for the possibility that disgruntled employees could bite back.

Even in more prosperous economic environments, a select few individuals have taken no issue with stealing enterprise data or company secrets, with some even accepting bribes from cybercriminals in return for planting malware in corporate networks.

This was a clear tactic used by infamous threat outfit Lapsus$ Group in 2022 as it carried out a campaign which affected organisations such as Microsoft, Nvidia, Uber and Rockstar Games. While this largely revolved around the use of phishing emails in gaining network access, Digital Shadows’ Photon Intelligence Team also recorded instances where Lapsus$ Group members would attempt to recruit insiders who could offer them access to credentials, virtual private networks (VPNs) and virtual desktop infrastructure (VDI).

The fact of the matter is that a combination of redundancies and wage stagnation with inflation will only continue to push some employees to the brink financially. As resentment and desperation grow, the prospect that some could be tempted to hit out and/or accept bribes from cybercriminals also increases.

Improving security while keeping costs down

Given current threats, organisations must carefully consider how to optimise their spend in a manner that bolsters their security posture, rather than immediately reducing budgets and cutting critical corners.

Indeed, many organisations are still reliant upon legacy security solutions that are no longer effective in the modern environment. However, the cost-of-living crisis and the need to cut budgets provide the perfect opportunity to strategise, ensuring that every penny earmarked for security counts.

So, where exactly should investment be directed?

A good place to start would be to look at cost-effective services that can deliver improved security outcomes, with managed detection and response (MDR) being a great example of this. Organisations are challenged with extending protection beyond the traditional datacentre and focusing on defending cloud environments, user and machine identities, SaaS applications and remote user endpoints – all within a constrained budget. MDR enables organisations to redirect spend from legacy platforms, which were not fully protecting their modern IT environments, into turnkey detection and response services. By outsourcing in this way, they gain both advanced threat prevention and detection technologies and a high level of maturity, leveraging modern, remotely delivered SOC capabilities.

Not only can this help to better utilise existing technology investments that many organisations fail to get the best out of owing to a lack of resources and/or capabilities, it can also improve a firm’s ability to actively respond to threats on a 24/7 basis without adding headcount. Where threats come around the clock, MDR doesn’t take a day off, with sound providers also able to bring mature processes to the table and guide you on a security maturity journey.

In addition to MDR, managed security service providers (MSSPs) can also be brought on board to deliver security services that are more cost-effective than providing the same function in-house. Critically, while MSSPs are more generalist than their specialist MDR counterparts, they can still provide economies of scale, with providers constantly investing in evolving their offering to better protect the customers they serve against changing threats.

While outsourcing can pay dividends in some respects, firms must also work to streamline their internal operations. Here, consolidating a suite of relevant security solutions into one platform is advisable, enabling firms to better utilise existing investments, improve security outcomes and lower the total cost of ownership. To achieve this, firms should review their technology estate and build a roadmap for a converged security technology estate for increased coverage and capability whilst consolidating spend.

What exactly this suite should comprise will vary depending on the specific needs of each organisation. However, security service edge (SSE) products will be a mainstay for many, helping to safeguard employees against advanced threats as they navigate the web, cloud and on-premises resources alike.

A convergence of network security services delivered from a purpose-built cloud platform, SSE solves fundamental challenges organisations face relating to remote work, the cloud, secure edge computing, and digital transformation.

As enterprises adopt software as a service (SaaS), infrastructure as a service (IaaS), and other cloud solutions, their data becomes increasingly distributed beyond the traditional network perimeter. With SSE, organisations are safeguarded against advanced threats by securing access to web, cloud, and on-premises resources, all in one powerful package.

In the current economic climate where threat actors are more actively working to take advantage of scam opportunities and vulnerabilities, and insider threats are only likely to continue to grow, firms must not cut security corners.

Indeed, with the right strategy underpinned by a focus on MDR, MSSP and SSE solutions, dramatic improvements can be made, all while keeping costs down.

