So, you decided to read this article because the title got you thinking. Hmmm, you wondered, maybe I really am at risk? How do I know? And if I am at risk, how do I mitigate it?
The short answer to the title of this article is, yes, you are at risk of data theft, and if you fall victim to this cybercrime, there’s a good chance it was an inside job because, as insiders are responsible for around 22% of all data breaches, according to the Verizon 2021 Data Breach Investigations Report.
How to Spot Bad Actors
It’s not always easy to identify the insider threat in advance – some simply do not fit the profile – but there are certain behaviors to look for. In fact, code42 developed an interesting infographic that identifies six unusual data behaviors that indicate an insider threat. The infographic includes behaviors such as employees moving data to places where it doesn’t belong, emailing data to unknown email addresses, and uploading files to file-sharing programs.
But beyond keeping an eye out for unusual employee behaviors, what else should you look for? How about these five categories of employees?
- Employees facing financial distress: The 2020 Verizon Data Breach Investigations Report found that 86% of all data breaches are financially motivated.
- Employees with poor track records: Employees who fail to adhere to the most basic compliance policies are more than likely to commit data theft, according to Harvard Business Review.
- Disgruntled employees: Although employee data is at the top of this list, employees seeking revenge need to be watched, too, according to tech42.
- Departing employees: As many as 72% of departing employees admit to taking company data, according to infosecurity magazine.
- Departed employees: Yes, you read that right. The staff who have already left your company still pose a security risk, according to an Intermedia study. This study reported that 89% of former employees were able to access sensitive corporate applications long after they were gone.
Adding Insult to Injury
The research consensus is that the risk of insider data theft is not only very real, but also highly probable. If you need a little more convincing, then mull over these four research findings.
- 70% of intellectual property theft occurs within the 90 days before an employee’s resignation announcement, according to infosecurity magazine.
- 88% of IT workers have stated they would take sensitive data with them if they were fired, according to CyberArk.
- 85% of workers know it’s illegal to steal corporate data, yet many are willing to risk the consequences, according to CyberArk.
- 63% of employees have indicated that they brought data from their previous employers to their current employers, according to Code42.
Protecting Your Company’s Data
Whether data breaches are caused by insider threats, a former employee with ongoing access, or external malicious threat actors, every business needs to take proactive measures to protect sensitive information.
Being vigilant about looking for suspicious behaviors and keeping a watchful eye for possible bad actors is certainly something every organization should do. That said, making it harder to steal data from network shared drives and computer hard drives by blocking access to ports is another layer of protection that should be implemented.
How?
Port locks – whether for USB ports, network ports, printer ports, or any other kind of port, for that matter – are inexpensive devices that prevent employees from plugging in removable media for the purpose of stealing data. They are inexpensive, and they work – even when you’re not around to oversee what’s going on.
Yes, you are at risk for data theft, but if you heed the above advice, that risk can be minimized.