The recent news that Cash App’s investing unit fell victim to insider attack not only affected the customers of that financial application. It served as a reminder of how increasing employee departures (due to layoffs or “Great Resignation” departures) can impact financial firms and their customers.
Last week a Securities and Exchange Commision (SEC) filing emerged that revealed a former Cash App investing employee exposed customer data from 8 million accounts in December.
Most companies are failing to guard against internal threats in the same way they shield against external attackers, a new report from cybersecurity firm Imperva suggests.
There are numerous reasons for this behavior, from budget constraints, to the lack of in-house expertise. However, many companies are simply oblivious to the dangers posed by insider threats.
According to the 2022 Cost of Insider Threats Global study from Ponemon Institute, the overall number of insider threat incidents jumped by 44% in the past two years.
The report found that malicious or criminal insiders cost even more: $648,062 on average, with malicious or criminal insiders behind 26% of incidents.
As defined by the Intelligence and National Security Alliance (INSA), the following are the insider ‘terms with greatest resonance and most widespread use’: unintentional insider threat, theft of intellectual property or national defense information, insider fraud, sabotage, and workplace violence.
And thanks to a growing body of case studies, we now have common personality characteristics, precipitating events, and indicators for each insider type along with a general progression toward action. They help us understand the common root causes that can lead a variety of different insider actions. They serve as a starting point for organizations to further refine as they tailor their risk mitigation to their specific business and environment.
Trade secrets are becoming increasingly valuable and integral to maintaining a company’s success, but companies are often unaware of the legal, administrative, and technical tools they can use to protect this information. This knowledge gap is especially pronounced in the context of employee departures and moves to competitors. While a common occurrence in most industries, an employee’s departure can put a former employer’s trade secrets — and competitive advantage — at the most risk.
In 2004, 19-year-old college sophomore Elizabeth Holmes dropped out of Stanford University to create a company that would change the world. Theranos, Inc. was going to revolutionize medicine with its proprietary blood testing devices that could detect high cholesterol, cancer, and other medical conditions with a single finger pinprick. In 2014, the company’s valuation peaked at over $9 billion, making Holmes the youngest self-made female billionaire in the world with a net worth of about $4.5 billion. Four years later, in June 2018, Holmes was indicted on eleven counts of fraud. On January 3, 2022, Holmes was convicted on one count of conspiracy to defraud investors and three counts of wire fraud. She faces a maximum sentence of twenty years in prison, and a fine of $250,000, plus restitution, for each count.