Data Loss Prevention, Insider Risk

Why Data Breaches are caused by Employee Negligence

By Veriato Team

Every company – big or small – wants to avoid a data breach.  Most efforts are placed on protecting the environment from external threat actors and cyber-criminal organizations attempting to get in.

But, according to Shred-It’s 2018 State of the Industry report, A material focus should be placed on internal employees. Those with access to critical, sensitive, protected, or otherwise valuable data pose a real threat. According to the report, of those enterprise organizations experiencing a data breach in the last year, CSOs found that 47% of the breaches were due to employee negligence, and 22% to deliberate employee theft or sabotage.

But it’s not just enterprises that should be concerned.  According to Shred-It, an equally material 71% of small business owners who experienced data were attributed them to employees (42% negligence, 29% deliberate theft or sabotage).

So, how can organizations get ahead of employee actions resulting in data breaches to either prevent a breach or minimize its affect?

Organizations should take a two-pronged approach to addressing this problem:

  1. Predict Maliciousness – there’s a reason an employee commits data theft or sabotage; they’re unhappy, they need money, the feel unappreciated at work, etc. Looking for shifts in behavior and communication via User and Entity Behavior Analytics can effectively predict using analysis of psycholinguistic indicators and communications mediums when employee’s loyalty shifts from the organization to themselves.
  2. Monitor User Activity – whether negligent or malicious in intent, employee behavior around data breaches involves the user performing some action that puts the organization at risk. Whether data is copied, printed, emailed, messaged, or shared, the user interaction with data and applications can be watched and alerted on via Employee Monitoring Software, notifying the organization of potentially threatening actions.

The Shred-It data makes it clear; employees are a material enough problem to require some oversight and scrutiny.  So, if your security strategy doesn’t include monitoring and analyzing user behavior, it may be time to consider adding efforts to the protect against the insider.

Insider Risk – How Prepared Are You?

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Insider Risk & Employee Monitoring Resources

Why User Activity Monitoring (UAM) is a Must for SMBs

Why User Activity Monitoring (UAM) is a Must for SMBs

Key Takeaways: Productivity Drives Growth: Understanding workforce behavior helps SMBs eliminate inefficiencies, boost productivity, and fuel organizational success. Remote and Hybrid Work is Still Common: With 28% of workers operating remotely weekly, SMBs need tools...

Smart Year-End IT Investments- A Trifecta for ROI

Smart Year-End IT Investments- A Trifecta for ROI

Drive Productivity, Reduce Insider Risk, Enforce Compliance As the year wraps up, many IT, security, compliance, and HR teams have unspent budgets that won't roll over. Rather than scrambling for last-minute, low-value purchases, why not make smart, strategic...