Data Loss Prevention, Insider Risk

Why Data Breaches are caused by Employee Negligence

By Veriato Team

Every company – big or small – wants to avoid a data breach.  Most efforts are placed on protecting the environment from external threat actors and cyber-criminal organizations attempting to get in.

But, according to Shred-It’s 2018 State of the Industry report, A material focus should be placed on internal employees. Those with access to critical, sensitive, protected, or otherwise valuable data pose a real threat. According to the report, of those enterprise organizations experiencing a data breach in the last year, CSOs found that 47% of the breaches were due to employee negligence, and 22% to deliberate employee theft or sabotage.

But it’s not just enterprises that should be concerned.  According to Shred-It, an equally material 71% of small business owners who experienced data were attributed them to employees (42% negligence, 29% deliberate theft or sabotage).

So, how can organizations get ahead of employee actions resulting in data breaches to either prevent a breach or minimize its affect?

Organizations should take a two-pronged approach to addressing this problem:

  1. Predict Maliciousness – there’s a reason an employee commits data theft or sabotage; they’re unhappy, they need money, the feel unappreciated at work, etc. Looking for shifts in behavior and communication via User and Entity Behavior Analytics can effectively predict using analysis of psycholinguistic indicators and communications mediums when employee’s loyalty shifts from the organization to themselves.
  2. Monitor User Activity – whether negligent or malicious in intent, employee behavior around data breaches involves the user performing some action that puts the organization at risk. Whether data is copied, printed, emailed, messaged, or shared, the user interaction with data and applications can be watched and alerted on via Employee Monitoring Software, notifying the organization of potentially threatening actions.

The Shred-It data makes it clear; employees are a material enough problem to require some oversight and scrutiny.  So, if your security strategy doesn’t include monitoring and analyzing user behavior, it may be time to consider adding efforts to the protect against the insider.

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

Is Employee Monitoring Software Worth The Investment?

Is Employee Monitoring Software Worth The Investment?

Key Takeaways: Employee monitoring software offers detailed insights into employee activities, enhancing productivity and bolstering data security. Choose the right software based on features, cost, integration capabilities, and scalability to align with specific...

How To Choose The Right Employee Monitoring Software

How To Choose The Right Employee Monitoring Software

Remote work is becoming increasingly common, and data breaches are a constant threat. The importance of employee monitoring software has never been more pronounced. For businesses looking to safeguard their digital assets while optimizing workforce productivity,...

UEBA: Revolutionizing Security With Advanced Analytics

UEBA: Revolutionizing Security With Advanced Analytics

Key Takeaways: Behavior-Focused Security: UEBA revolutionizes cybersecurity by analyzing user behavior patterns, providing a dynamic approach to detecting anomalies and potential threats. Flexible and Adaptable: Scalable for any organization size, UEBA integrates with...