Data Loss Prevention, Insider Risk

Why Data Breaches are caused by Employee Negligence

By Veriato Team

Every company – big or small – wants to avoid a data breach.  Most efforts are placed on protecting the environment from external threat actors and cyber-criminal organizations attempting to get in.

But, according to Shred-It’s 2018 State of the Industry report, A material focus should be placed on internal employees. Those with access to critical, sensitive, protected, or otherwise valuable data pose a real threat. According to the report, of those enterprise organizations experiencing a data breach in the last year, CSOs found that 47% of the breaches were due to employee negligence, and 22% to deliberate employee theft or sabotage.

But it’s not just enterprises that should be concerned.  According to Shred-It, an equally material 71% of small business owners who experienced data were attributed them to employees (42% negligence, 29% deliberate theft or sabotage).

So, how can organizations get ahead of employee actions resulting in data breaches to either prevent a breach or minimize its affect?

Organizations should take a two-pronged approach to addressing this problem:

  1. Predict Maliciousness – there’s a reason an employee commits data theft or sabotage; they’re unhappy, they need money, the feel unappreciated at work, etc. Looking for shifts in behavior and communication via User and Entity Behavior Analytics can effectively predict using analysis of psycholinguistic indicators and communications mediums when employee’s loyalty shifts from the organization to themselves.
  2. Monitor User Activity – whether negligent or malicious in intent, employee behavior around data breaches involves the user performing some action that puts the organization at risk. Whether data is copied, printed, emailed, messaged, or shared, the user interaction with data and applications can be watched and alerted on via Employee Monitoring Software, notifying the organization of potentially threatening actions.

The Shred-It data makes it clear; employees are a material enough problem to require some oversight and scrutiny.  So, if your security strategy doesn’t include monitoring and analyzing user behavior, it may be time to consider adding efforts to the protect against the insider.

How to Rebrand
“Bossware”at Your
Company

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida. Risus

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Employee Monitoring Resources

The Myths and Truths of Employee Monitoring

The Myths and Truths of Employee Monitoring

Early in the pandemic, searches related to “how to monitor employees working from home” increased by 1,705%. Without the oversight of managers in an office setting, many companies are concerned that their employees are less productive, and that there is an increase...

When To be Suspicious About Work-From-Home Employees (or Not)

When To be Suspicious About Work-From-Home Employees (or Not)

Perhaps someone doesn’t answer a Slack message as quickly as they should, or they have long hours blocked on their calendar. Maybe someone doesn’t seem motivated during team meetings or they are slow to complete work. While research has shown that overall,...

Avoid These Employee Monitoring Blunders

Avoid These Employee Monitoring Blunders

In September 2021, 45% of full-time employees were still working remotely, and the trend is hard to reverse. People like the freedom of working from home. Without a commute, they save time. Without a boss looming in the background, they can multi-task at home. And,...