As companies emerge from the pandemic, and 40% of employees are planning to switch jobs, corporate data is at risk. Files are being uploaded, shared, synced and emailed by employees as a normal course of everyday business or as they prepare for their next role with different organizations. The very same technologies that enable the free flow of data in an organization are also the ones that make it easy for insiders to exfiltrate data. According to a recent study conducted by Aberdeen and commissioned by Insider Risk Management leader Code42, data breaches from insiders can cost as much as 20% of annual revenue. Perhaps just as important, the study showcased that at least one in three reported data breaches involve an insider. Both accidental and malicious Insider Risk can cost businesses material portions of revenue on an ongoing annual basis.
Insider threat programmes are difficult enough to run under the best of circumstances, since program stakeholders often have wildly different visions of who should be considered an “insider threat.” On the one hand, Human Resources types are loathe to label anyone other than the most blatantly disgruntled employee as such, while security departments often consider everyone with a slack attitude towards compliance as worth of consideration. As in most security activities, the truth lies somewhere in the middle of these opposing perspectives.
Recent studies show that over 80 percent of senior executives recognize that trade secrets are critical and essential to their businesses. Fifty percent of these senior executives say that trade secrets were more important than their patents and trademarks.
Even more (69%) say they foresee trade secret protection becoming more critical than safeguarding other types of intellectual property because of the rapid and furious pace of innovation. Over 60 percent of these senior executives say that protecting trade secret assets is a board-level issue. Nearly one-third of the respondents ranked the protection of trade secret assets a top-five concern.
Boards working in synergy with corporate management to drive business growth — that’s the dream, right? A recent McKinsey study notes that the pandemic has brought many companies closer to this ideal relationship, as company boards of directors (BODs) have risen to the challenge during a time of crisis to guide companies during this unprecedented period. A separate McKinsey study indicates that cybersecurity has been on the board agenda for some time.
Attacks on organizations from external malicious actors seize headlines on a daily basis. These stories matter, because they’re an important reminder to both policymakers and businesses that threat actors are shrewd, smart, organized and sophisticated—so investing in cybersecurity efforts is critical.
GCN is a government technology news website that delivers technology assessments to support Public Sector IT managers. According to a new GCN report, insider threats rank among the most challenging risks governments face. Trusted insiders under financial pressure, holding a grievance, or motivated by other factors, can intentionally damage an agency. The results range from information leakage and national security breaches to workplace violence and even reputational damage. Insiders’ unintentional actions can be equally damaging. Clearly, a robust insider threat program that protects government resources, employees, and contractors can deliver significant value and reduce associated risks.