Data leaks from within, a key cybersecurity threat

Live Mint, January 31, 2022

Smart and trustworthy employees are a firm’s greatest assets. However, the problem arises if one of them resigns or is asked to go and takes with him or her confidential data that can give your firm’s competition an edge.

In July 2020, a 35-year-old man was arrested in Delhi for allegedly hacking into the systems of his former employers and deleting important information from their databases. The man was a software engineer at the firm and used his knowledge of the firm’s systems to cause them financial loss after he had been fired, according to the police.

In April 2020, the US department of justice charged a man for delaying shipments of a medical device packaging company by sabotaging their electronic shipping records.

These are just two among a growing number of incidents in the last two years where employees have posed a threat to the security of organizations.

Insider threats have increased in frequency and cost over the past two years, according to a report by Michigan-based Ponemon Institute. The institute interviewed 1,004 IT and IT security practitioners in 278 organizations that experienced one or more material events caused by an insider. A total of 6,803 insider incidents are represented in the research.

This comes against the backdrop of employees largely working remotely for the past two years. Several employees are thus staring at more tech than they are actually fit for and this has led to rising insider security threats.

Cybersecurity should thus be a top concern for business heads, according to experts. However, security professionals have a different story to tell. The increasing dependence on virtual interactions and the rise of connected devices “has widened the digital gap”, according to Vishak Raman, director, security business, India and Saarc, Cisco. The “most prepared and equipped organizations” can still not avoid cyberattacks entirely, he said.

The Ponemon Institute report categorized insider threats as a careless or negligent employee or contractor, a criminal or malicious insider, or a credential thief. Credential thefts include unlawfully obtaining an organization’s sensitive passwords. Insider threats have increased across all three profiles, but those triggered by careless or negligent employees are the most rampant, the report said.

About 56% of incidents experienced by organizations represented in this research were because of negligence and the average annual cost of remedy was $6.6 million. Malicious insiders, which includes employees or authorized individuals who use their access for harmful, unethical, or illegal activities, caused 26% of the incidents. The average annual cost of remedy in these incidents was $4.1 million. The report also said that at an average of $804,997 per incident, credential theft is the costliest to remediate. The average annual remediation cost was pegged at $4.6million.

Resilient cybersecurity is the key concern amid rapid digitization, but boardrooms are still not giving it the required significance. A report from the World Economic Forum last week noted that chief information security officers do not agree that cyber resilience is built into the methods and processes enterprises use to manage risks, called enterprise risk management strategies, though chief executive officers claim otherwise.

As much as 92% of business executives surveyed in that report agreed that cyber resilience is integrated into enterprise risk-management strategies, but only 55% of security-focused leaders surveyed agreed with the statement.

“The focal objective of leaders must shift to bolstering cyber resilience and fostering the ability to detect and manage disruptions,” Raman said.

This news can also be viewed at: