Firewall threat risk

1.Insider attack

A perimeter firewall is intended to prevent external network attacks. What happens if the attack
comes from within? Because the attacker is already on your system, the perimeter firewall is
frequently rendered ineffective.

Even if an attack occurs from within your network, firewalls can still be useful IF you have
internal firewalls in addition to perimeter firewalls. Internal firewalls help to segregate certain
network assets, making it more difficult for attackers to go from one system to another. This
gives you more time to respond to the attack while also lengthening the attacker's breakout time.

The types of insider attacks are

 Malicious insider -Someone who deliberately and willfully abuses valid credentials,
generally to steal information for financial or personal gain, is known as a Turn cloak.
For example, a person who harbors resentment toward a former employer, or an
opportunistic employee who sells confidential information to a competition. Turn cloaks
have an edge over other attackers since they are familiar with an organization's security
rules and processes, as well as its weaknesses.

 Careless insider-an unwitting pawn who unintentionally exposes the system to dangers
from outside. This is the most prevalent kind of insider threat and is brought on by errors
like leaving a gadget accessible or falling for a hoax. For instance, a worker who has no
malice in mind could click on an unsafe link and introduce malware into the system.

 A mole-a fake who, while theoretically an outsider, has succeeded in obtaining insider
access to a restricted network. This is a person outside of the company who poses as a
stakeholder or staffer.

The protect against insider attacks

1.Protect critical assets

 Elements include systems, technology, facilities, and people, and they can be either real
or logical. Valuable systems also include intellectual property, which includes proprietary
software, schematics, customer data for suppliers, and internal manufacturing procedures.
Develop a thorough grasp of your important assets. Ask yourself things like, what are our
most important resources? Can we order our resources? And what do we know for each
stock's present condition?

2.Enforce policies
 Organizational policies should be well documented so that you can enforce them and
avoid misunderstandings. To prevent sharing of privileged material that they have
developed, everyone in the company has to be aware of security protocols and understand
their rights in connection to intellectual property (IP).