Inside Jobs. PHOTO: Cybercrime Magazine.

Negligent Employees, Accidental Data Breaches Rising

Train insiders before they leak your files

– Amanda Glassner

Northport, N.Y. – Jul. 20, 2021

When Twitter was breached in July of 2020 — leaving 130 high-profile accounts at the mercy of hackers promoting a bitcoin scam — many initially suspected a flaw in code to be at fault. The true root of the breach, though, was even more alarming: an insider.

“Twitter didn’t break. An employee did,” reported NBC News last year, referring to the “coordinated social engineering attack” that gave cybercriminals access to internal systems and tools normally only available to the social media site’s staff. 

Unfortunately, this happens more often than you might think. 66 percent of data breaches involve an insider, according to research from Code42.

That’s right. Employees pose the greatest risk to organizations of all types and sizes globally — regardless of whether or not they intend to. Yet, in recent years, the insider threat has become a blind spot in cyberspace.

While security teams focused on “phishing, malware, nation-state actors” and other external threats, insiders wreaked havoc under the radar, causing two-thirds of breaches last year, says Joe Payne, president and CEO at Code42.

Cybercrime Radio: The Insider Threat

Joe Payne, CEO at Code42

“If you think about how the world has changed, it’s not surprising,” Payne tells us, referring, of course, to the COVID-19 pandemic and its impact on workforces everywhere.

“Organizations work better when everyone is sharing information. However, those same tools that make us better and more productive — Slack, Teams, and Zoom, to name a few — also make it really easy to exfiltrate data,” he warns.

Today, 85 percent of employees are more likely to leak files than they were pre-COVID. Very few of these individuals are actually malicious insiders, though; more often than not, they’re just negligent.

You don’t have to be a black-hat hacker to leak information; you just have to be careless. An accidental breach — albeit less newsworthy — is still a breach.

“These things happen during the normal course of business. It can be as simple as emailing a file to the wrong person,” notes Payne, but we should still keep watch for insiders looking to intentionally steal.

These crimes most often occur under the cover of an off-business server, personal email address, or thumb drive. Other methods on the rise include Apple airdrop and file-sharing services, such as Box.

Though daunting, the insider threat isn’t impossible to get ahead of. Payne’s advice? Follow the three T’s: transparency, training, and technology.

“Transparency” is key when it comes to securing organizations. “Most people want to do the right thing, and so, if they’re told somebody is watching them, they will.”

And because the cyber risk landscape is ever-changing, “we must train and educate our employees constantly,” but according to Payne, it is perhaps most critical to “have technology that supports today’s modern enterprises.”

Once these tips are utilized, the risk of an insider breach will significantly diminish, Payne promises. How can we be sure? His resume speaks for itself.

Beyond serving in the top position at Code42 — a global enterprise SaaS provider of insider threat solutions to more than 37,000 organizations, including some of the world’s most recognized brands — Payne co-authored the book, “Inside Jobs: Why Insider Risk Is the Biggest Cyber Threat You Can’t Ignore.”

Published last year, “Inside Jobs” offers companies of all sizes a new way to secure today’s collaborative cultures. It is available for purchase through Amazon.

To hear more about the insider threat, including how it differs from insider risk, listen to Payne’s full interview here.

Amanda Glassner is a staff writer and reporter at Cybercrime Magazine.

Go here to read all of my blogs and articles covering cybersecurity. Go here to send me story tips, feedback and suggestions.