The Threat from within: Securing your Contact Centre

October 2024

Click here to view our webinar in-partnership SessionGuardian and Connect: The Threat from Within: Securing your Contact Centre - sharing insights on how to secure your contact centre from insider threats.

In today’s hyper-connected world, where the need to deliver personalised engagement and intuitive customer service has become the minimum industry standard, contact centres have become a hub of personal customer data.

 While access to this information is vital to business success, it also represents a growing target for malicious actors, with the threat from within becoming a more prolific risk.

With corporate eyes trained on external cyber threats like ransomware or phishing attacks, the risks posed by inside threats often go overlooked.

 “The threat landscape within the data centre has evolved due to the large volumes of sensitive customer data that contact centres manage, from personal and financial to password data, which makes them a prime target for criminals,” explains BLOCKPHISH co-founder and CEO Andy Green.

 Anyone who has access to sensitive customer data poses a risk, affirms Martin Cross, CTO at Connect.

 “Technology is changing the way we deliver services in the contact centre, with artificial intelligence (AI) helping to offload common and mundane tasks to chatbots and other automated channels, leaving agents to handle higher-order, more complex tasks that require greater access to information and customer data,” explains Cross.

 “AI also speeds up the rate and depth of the data agents have at their fingertips. While this is vital to deliver exceptional customer service, it also poses security risks when an operator does not have the appropriate strategies and technologies in place to secure the contact centre against these hidden dangers and stay one step ahead.”

 Additional factors highlighted by Green relate to the large, transient workforces employed in contact centres and the fast-moving nature of the environment.

 “Poorly defined processes also increase insider threat vulnerabilities, particularly those related to the growing bring your own device (BYOD) trend, which reduces the control that centralised IT teams have on the company's security posture, and the remote hybrid working trend that necessitates managing large, distributed workforces,” elaborates Green.

 “The shift to remote working and increased outsourcing after the pandemic significantly increased the attack surface area, creating more opportunities for internal actors to compromise sensitive data for financial gain.”

 These insider threats can lead to malicious or accidental breaches and data leaks that reduce customer trust, which are rising globally.

 Green cites data from the most recent National Protective Security Agency (NPSA) Insider Data Collection Study, which shares insights from 300 organisations in the UK that quantify and define the current risks.

 “Notable findings reveal that the majority of acts (88%) were perpetrated by permanent staff, with only 7% of cases involving third-party contractors and 5% involving agency or temp staff,” states Green.

 “Interestingly, the majority (76%) of insider cases were self-initiated, which means the employee only undertook to steal data after they had joined the organisation. Deliberate infiltration only accounted for 6% of cases.”

 Additional findings show that most (82%) perpetrators are male, with 49% of inside actors aged between 31-45 years.

 Typically, insider threats follow various modus operandi, with credential hacking the most prolific.

 Sudhir Udipi, VP of Solutions at SessionGuardian adds that credential hacking is a growing risk due to the role and influence of artificial intelligence (AI)

“AI can help bad actors impersonate individuals using a stolen set of credentials or misrepresent individuals during voice log-in.”

 Other common ways the criminal elements steal data in the contact centre include compromised devices, user-not-present breaches, accidental or malicious eMeeting sharing, shoulder surfing, and capturing screens with photos from mobile devices.

 As the threat posed from within continues to grow in prominence, contact centre operators must act to mitigate the risks that malicious insiders pose to data confidentiality and operational stability.

“Addressing these risks requires a solution that can ensure the correct person is accessing sensitive data on the correct and healthy device, in an acceptable location, at the correct time of day, ensuring no unauthorised eyes are on your sensitive or regulated data,” concludes Keith Bowie, CIO and SVP of Engineering at SessionGuardian.