The rise in cyberattacks since the dawn of the global pandemic has masked one particularly important cybersecurity data point: One-third of data breaches are inside jobs.
This was true prior to COVID-19, and it remains true today; studies confirm it.
- Verizon’s “2019 Data Breach Investigations Report” found that 34% of data breaches were the result of “insider threat actors.”
- More recently, “A Triple Threat Across the Americas: 2022 KPMG Fraud Outlook” reported that a “significant 31% of respondents say their companies have suffered from fraud perpetrated by an insider in the past year.”
- According to Cybersecurity Insiders’ “2022 Insider Threat Report,” 57% of organizations feel insider incidents have become more frequent over the past 12 months.
These three reports highlight one extremely alarming fact: The people who have the most access to your company’s secure and sensitive data are not Russian hackers, but employees on your payroll or vendors you trust.
Different Types of Insider Threats
Not every inside job is planned, nor is there always malicious intent. In fact, according to the Ponemon Institute’s “2022 Cost of Insider Threats Report,” malicious insiders are the exception, not the rule. The Ponemon study found that:
- Negligent insiders are the most common and account for 62% of all incidents;
- Negligent insiders who have their credentials stolen account for 25% of all incidents; and
- Malicious insiders are responsible for 14% of all incidents.
Why Do Malicious Actors Act?
What motivates malicious actors? Most cybersecurity experts agree that the end goal is money, a competitive edge, or revenge. Surprisingly, though, while Verizon’s “2019 Insider Threat Report” found that 64% of malicious actors are in it for the money, 17% do it just for fun.
Still, understanding why insiders act as they do isn’t always that simple. For instance, Tessian’s “2020 State of Data Loss Prevention” shows that 45% of employees take work-related documents before leaving a job or after being dismissed. The question is, “Why?” To gain a competitive advantage with their next employer? To use the information against their former employer? No one knows for sure.
How to Prevent Inside Jobs
The key to preventing inside jobs is first knowing what to look for. In its article, “7 Best Practices to Prevent Data Theft by Departing Employees,” Ekran says to look for these six warning signs:
- Plugging in unknown USB devices
- Accessing sensitive files without a reason
- Use of public cloud storage services
- Sending emails with attachments to private accounts
- Creating new accounts
- Deleting files and backups
We bring your attention to the first item on this list, which takes on additional significance when coupled with Ekran’s No. 4 best practice for data loss prevention: Implement USB device management. Ekran goes on to say that “copying data to a USB device is one of the easiest ways to steal information.”
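To make the first warning sign concrete, here is an added example (not taken from Ekran's article or from this page's author) that flags USB attach events for devices missing from an approved inventory. It assumes Linux endpoints whose kernel log is collected in syslog format; the hostnames, device IDs, serial numbers, allowlist and function names are constructed for illustration.

```python
import re

# Constructed sample: Linux kernel USB attach messages from two workstations.
SAMPLE_LOG = """\
Mar 13 09:14:02 ws-014 kernel: usb 1-2: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=64.00
Mar 13 09:14:02 ws-014 kernel: usb 1-2: SerialNumber: KB00417
Mar 13 17:52:40 ws-014 kernel: usb 1-4: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
Mar 13 17:52:40 ws-014 kernel: usb 1-4: SerialNumber: 4C5300011203
Mar 13 18:03:11 ws-022 kernel: usb 2-1: New USB device found, idVendor=0951, idProduct=1666, bcdDevice= 1.10
"""

# Assumed inventory of approved devices: (vendor id, product id, serial number).
ALLOWLIST = {("046d", "c31c", "KB00417")}

FOUND = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) kernel: usb (?P<port>[\d.-]+): "
    r"New USB device found, idVendor=(?P<vid>[0-9a-f]{4}), idProduct=(?P<pid>[0-9a-f]{4})"
)
SERIAL = re.compile(
    r"^\w{3}\s+\d+ [\d:]{8} (?P<host>\S+) kernel: usb (?P<port>[\d.-]+): "
    r"SerialNumber: (?P<sn>\S+)"
)

def parse_attach_events(log_text):
    """Return one dict per attach event, with the serial filled in when logged."""
    events, latest_on_port = [], {}
    for line in log_text.splitlines():
        m = FOUND.match(line)
        if m:
            event = {**m.groupdict(), "serial": None}
            events.append(event)
            latest_on_port[(event["host"], event["port"])] = event
            continue
        m = SERIAL.match(line)
        if m and (m["host"], m["port"]) in latest_on_port:
            # The serial line follows the "found" line for the same host and port.
            latest_on_port[(m["host"], m["port"])]["serial"] = m["sn"]
    return events

def unknown_devices(events, allowlist):
    """Flag devices not in inventory; a device that reports no serial cannot
    be matched to an inventory record, so it is flagged as well."""
    return [e for e in events if (e["vid"], e["pid"], e["serial"]) not in allowlist]

if __name__ == "__main__":
    for e in unknown_devices(parse_attach_events(SAMPLE_LOG), ALLOWLIST):
        print(f'{e["ts"]} {e["host"]} port {e["port"]}: unapproved USB '
              f'{e["vid"]}:{e["pid"]} serial={e["serial"]}')
```

Matching on the serial number as well as the vendor and product IDs matters because two flash drives of the same model share the same IDs.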
Locking Your Computer and Network Ports is Easy to Do
The cost of locking all computer and network ports is minimal – especially when compared to the average cost of a data breach, which is now a staggering $11.45 million, according to a recent report from Ponemon Institute’s Cost of a Data Breach Study.
USB port locks, network module locks, LAN cable locks, and secure USB hubs for your attached USB devices are inexpensive devices that can prevent malicious insiders from connecting their USB flash drives, external hard drives, and anything else you can imagine to your computers and/or your network.
Physically securing your data perimeter is a surefire way to protect your endpoints not only from malicious insider attacks, but also from innocent and unwary employees who use their office computer to charge their infected mobile phone, triggering an event that takes down the entire network.