Employees and Partner Organizations Pose Threat to Companies
Thursday, March 14, 2019

According to the 2019 Verizon Insider Threat Report, 20 percent of all cybersecurity incidents and 15 percent of data breaches in 2018 were caused by insiders—that is, employees or partner organizations. The reasons for these threats included financial gain (to use or sell company data to make money—47.8 percent), pure fun (23.4 percent) and espionage (14.4 percent).

The report lists five categories of insider threat actors:

  1. The Careless Worker—who misappropriates resources, installs unauthorized apps and workarounds, breaks the company’ acceptable use program, or mishandles data.
  2. The Insider Agent—who is recruited, solicited or bribed to exfiltrate data from the company.
  3. The Disgruntled Employee—who wants to hurt the company by destroying or exfiltrating data to cause harm to the company.
  4. The Malicious Insider—who accesses corporate assets and intellectual property information for personal gain.
  5. The Feckless Third Party—business partners who have reduced security, compromising company data through negligence, misuse, or malicious threat.

The Verizon Report provides a framework on how to be proactive in addressing insider threat.

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins