How companies can deal with insider data theft

How companies can deal with insider data theft

To learn that your company's confidential data was stolen -- not by any hacker, but by an employee -- is a nightmare scenario that no one wants to face.

But it's also a risk that's very real. The recent arrest of a former NSA contractor suspected of stealing classified government files is just the latest high-profile example, and security experts say all companies need to be on guard against potential insider threats.

It's not every day that thieving employees take to the digital black market to sell their company's sensitive information, but it does happen, and incidents have been occurring more frequently, said Andrei Barysevich, a director at security firm Flashpoint.

Flashpoint specializes in investigating marketplaces on the Dark Web for possible sales involving private company data. In one such case, it identified an employee of a major software company attempting to sell valuable source code for about $15,000.

Flashpoint has also detected other incidents of insiders trying to sell information from financial companies, healthcare providers and law firms, all of which hold valuable data such as bank account numbers, patient information and upcoming merger and acquisition deals.

In many of those cases, it appears the insider had access to sensitive data that no one at their companies bothered to monitor, Barysevich said. That's a serious problem, and he advises companies to segregate all valuable data away from employees who don't have a reason to use it. He also says they should create a culture where employees are aware of the insider threat.

Data protection company Bitglass has also been studying the insider threat. In a reportpublished last month, it found that one-third of organizations surveyed had experienced an insider attack within the past year in which data was leaked.

However, malicious insiders weren't the only ones to blame. Careless employees caused some of the leaks.

"Inadvertent leakage is also a big problem," said Salim Hafid, product manager for Bitglass. 

Cloud-based applications and bring-your-own-device policies have only made it easier to accidentally share or publish confidential data, he said. As a result, more corporate data is getting out of company networks and into personal smartphones and file-sharing systems.

 

Share it:
Share it:

[Social9_Share class=”s9-widget-wrapper”]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You Might Be Interested In

Enabling Citizen Data Scientists to Reach Their Full Potential

21 Oct, 2021

With data scientists regularly topping the charts as one of the most in-demand roles globally, many organizations are increasingly turning …

Read more

What is Hadoop? Introduction to Hadoop Framework

23 Sep, 2017

What comprises of Hadoop architecture/ecosystem? The architecture can be broken down into two branches, i.e., core components and complementary/other components. …

Read more

How to Intelligently Apply Data Integration and Visual Analytics Tools

16 Nov, 2017

Data integration requires merging date from different sources, stored using technologies. Companies build a “data warehouse where aggregated data can …

Read more

Do You Want to Share Your Story?

Bring your insights on Data, Visualization, Innovation or Business Agility to our community. Let them learn from your experience.

Get the 3 STEPS

To Drive Analytics Adoption
And manage change

3-steps-to-drive-analytics-adoption

Get Access to Event Discounts

Switch your 7wData account from Subscriber to Event Discount Member by clicking the button below and get access to event discounts. Learn & Grow together with us in a more profitable way!

Get Access to Event Discounts

Create a 7wData account and get access to event discounts. Learn & Grow together with us in a more profitable way!

Don't miss Out!

Stay in touch and receive in depth articles, guides, news & commentary of all things data.