Insider theft is on the rise. Displaced workers are abusing their corporate data access to steal, exploit and damage information networks. In a survey of 800 worldwide CIOs, more than 40% agreed that displaced employees were the biggest threat to vital information. International companies are estimated to have lost more than $1 trillion in intellectual property last year. What steps are you taking to ensure your most precious asset – your data – is protected?
“This is a wake-up call because the current economic crisis is poised to create a global meltdown in vital information. Increased pressures on firms to reduce spending and cut staffing have led to more porous defenses and increased opportunity for crime. Companies need to stop looking at security as a cost center but as a business enabler,” said Dave DeWalt, president and chief executive officer of McAfee.
Many cases of business theft and data loss go unreported due to embarrassment, public relations nightmares and the possibility of losing customers. This practice may soon be coming to a halt. States are beginning to regulate data breach reports. California is paving the way for regulations on data theft incidents by requiring businesses to report a breach within 24 hours. We expect other states to follow suit with reporting requirements.
In a recent study by CERT and the Army Research Office, multiple cases of insider theft were studied for patterns of behavior. These cases all included prosecution where public information was readily available. The study suggested that dissatisfaction played a major role in 39% of the cases, including denied raises, benefits, applications for promotion, requests for relocation and the threat of layoff from within the organization.
Most businesses believe in protecting the perimeter of the network. Little focus has been given to the inside. Insider threats include not only misconfigurations of access controls, which allow access into applications or data that should be restricted, but also snooping employees, corporate espionage and disgruntled employee theft.
Although most companies don’t regard inside security as being as critical as external security, the approach to both types of threats should be the same.
1. Security Assessment – ensure your devices are configured correctly and your policies and procedures back up your security stance
2. Penetration Testing – check your systems just like an outside hacker would
3. Security Enforcement – knowing your vulnerabilities is half the battle, fixing them is the other half
4. Perimeter Monitoring – round-the-clock monitoring to ensure speedy response to an attack
5. Internal Monitoring – protect your business from attacks against trusted users
Since insider attacks are specifically targeted attacks, it’s risky business not to proactively protect your organization.