The temptation among employees—especially those in IT—to steal sensitive company data looms surprisingly large, but employers can detect these impulses by tuning in to a wide range of risk indicators.
The term “insider threats” often refers to individuals who use their knowledge of or access to an organization and its systems to deliberately perpetrate wrongdoing, whether fraud, sabotage, theft, or a violent act. These individuals may be current or former employees, contractors, or employees of third-party service providers.
Insider threats also include individuals who don’t intend to do harm, but whose choices and actions compromise the safety or security of their organizations. For example, new employees who are unaware of their companies’ cybersecurity practices may neglect to properly encrypt email containing sensitive data, leaving those messages vulnerable to certain kinds of cyberattack. Another example: Employees who are aware of company policies, but are complacent or lackadaisical about them, may fail to lock their laptops while working remotely, leading to thefts that expose intellectual property or usernames and passwords.
When you include “innocent” individuals in the definition of insider threat, as many leading thinkers on this topic recommend, the risk becomes considerably larger and more complicated to manage.
During a Dbriefs webcast, Michael Gelles, a director with Deloitte Consulting LLP and author of the forthcoming book “Insider Threat: Detection, Mitigation, Deterrence, and Prevention,” and Deloitte Consulting LLP specialist leader Robert McFadden shared the fundamental components of an effective insider threat mitigation program. They suggested data points companies could collect to proactively detect individuals who may pose a potential insider threat. They also shared the following statistics, which highlight the widespread scope of malicious and accidental insider incidents and the ability of stronger mitigation programs and detection tools to prevent these risks.