A couple of months back, the FBI prosecuted a former government contractor for the largest security breach in US history. The former NSA contractor pleaded guilty to stealing more than 50 terabytes of agency files. Unfortunately, this kind of insider attack is not the first nor will this be the last.
According to a new study conducted by BetterCloud, the biggest security threat to your business likely isn’t a cybercriminal or hacktivist, but someone already in your organisation. The vast majority (91%) of the 500 IT and security professionals surveyed said they feel vulnerable to insider threats, whether their acts are malicious or accidental.
Any form of data loss can be costly to the organisation. Imagine if a malicious employee leaked your trade secrets to a competitor or disclosed your customer records online. Cyber-attacks can damage consumer confidence and shareholder value. How can you prevent employee data thefts?
Organisations are tightening security policies to prevent cybercrime, but insider threats can be hard to detect. The motivation for insiders to carry out malicious attacks vary.
Here are three HR-focused tactics to help you reduce insider threats:
#1 Know how you hire. You can minimise employee risk by undertaking the right level of due diligence. A thorough background screen can reveal red flags such as dubious qualifications or termination from a previous employer due to misconduct.
#2 Know your employees. 60% of employers interviewed in the NAPBS survey only conduct background checks during the hiring process. Pre-employment screening captures a moment-in-time snapshot of a person’s financial and professional background. Rescreening is good practice, especially when you promote employees in higher-risk functions such as IT, procurement and HR where typically they’ll have access to sensitive data and systems.
#3 Extend screening policies. Employees are not the only insiders who have access to confidential information. Contractors and business partners may also be putting your data and systems at risk. By 2022, 64% of employers surveyed by the World Economic Forum for The Future of Jobs Report 2018 are likely to outsource work to external contractors. To protect your company, do consider screening policies that include your extended workforce.
Sterling RISQ is the leading background and identity services provider in APAC. Our mission is to make the world a safer place. Get in touch with us to learn how we can partner with you to hire with confidence.
This publication is for informational purposes only and nothing contained in it should be construed as legal advice. We expressly disclaim any warranty or responsibility for damages arising out this information. We encourage you to consult with legal counsel regarding your specific needs. We do not undertake any duty to update previously posted materials