Insider Risk

Who to Consider an Insider Threat in Your Organization

By Veriato Team

Who to Consider an Insider Threat

Typically, people think of security threats as outside attacks on an organization. Data security plans tend to focus on securing the perimeter, endpoints, email and data. Though these are certainly critical measures, all organizations should realize the real threat that insiders, or internal employees, pose to operations.

28 percent of data breaches are perpetrated by insiders and institutional fraud is almost always executed by an insider. With 53 percent of organizations experiencing at least one insider attack within the last 12 months, it’s clear that all organizations should take steps to detect and prevent insider threats.

But how do you determine who those threats are? Unfortunately, the problem is more complex than just “malicious insiders,” employees with malicious intent against the organization and are seeking to cause damage. Below are several insider threat possibilities within your organization. Thoughtfully consider which ones are of concern to your organization and what that concern means for your security procedures.

  1. Malicious employee – As briefly mentioned previously, a malicious insider is one who purposely seeks to damage the company. Damage can come as the theft and sale of data, release of private information, or other acts that can harm an organization’s financials or reputation. Organizations should be on the lookout for any employee who may have reason to harbor negative feelings toward their employer.
  2. Unproductive employee – If employees lose productivity, it immediately effects your bottom line. If each employee in a 100-person company wastes an hour of the work week, that payment for wasted time equals 2.5 employees’ annual salaries. With a loss like that, unproductive workers are definitely a threat to keep in mind.
  3. Harassment/discrimination complaints – If an employee acts inappropriately in the workplace, that behavior can have serious financial repercussions. The EEOC (Equal Employment Opportunity Commission) reports that more than 84,000 harassment and discrimination charges occurred in 2017 with damages in excess of $355 million. Additionally, those inappropriate acts can effect an organization’s reputation with the public, or deter potential candidates from applying to work there.
  4. Corporate fraud – According to the Association of Certified Fraud Fraud Examiners (ACFE), the median loss from fraud is $130,000 and takes 16 months to be discovered. 85 percent of perpetrators are first-time fraudsters, which can make detection more difficult. In addition to monetary damages, fraud cases are often very public and can cause exceptional damage to a company’s reputation.
  5. Insider data theft – 28 percent of data breaches are perpetrated by insiders. An average breach compromises more than 24,000 records with an average cost per record at $1,412. That brings the average total cost of a data breach to $3.4 million.
  6. Negligence – Sometimes, simple negligence on the part of employees can cause major security breaches. The simple act of leaving a database exposed to the Internet or losing a laptop outside once can have serious repercussions. Innocent clicking of a malicious email attachment can infect a machine with malware, which can result in data breaches, ransomware attacks, espionage and more.

There are several types of insider threats that can pose a risk to your organization. While most organizations focus on data breaches, it’s important to consider each scenario and then take action by investing in appropriate software and developing execution strategies.

2023 Preparedness Checklist: Ensure Your Workforce Is Productive and Secure

This guide will help you understand where there are opportunities and risks in your workforce, and what you can do to make sure 2023 is as secure and productive as possible with workforce behavior analytics.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

A More Insightful, Proactive Approach to Employee Monitoring

A More Insightful, Proactive Approach to Employee Monitoring

Also known as “bossware” and even “employee surveillance”, employee monitoring has been placed in the bucket of technologies that companies force on their employees. Whatever you call it, its use is on the rise and it looks like it’s here to stay. As of 2022, 60% of...

Bossware and the Future of Work

Bossware and the Future of Work

Recently, there has been considerable coverage of “bossware” and a focus on draconian types of “surveillance” some companies are using to stay on top of remote and flexible workforces. Articles claim companies are accessing the camera on laptops and tracking every...

The Myths and Truths of Employee Monitoring

The Myths and Truths of Employee Monitoring

Early in the pandemic, searches related to “how to monitor employees working from home” increased by 1,705%. Without the oversight of managers in an office setting, many companies are concerned that their employees are less productive, and that there is an increase...