When Data Theft Is an Inside Job

From the University of Nebraska in the U.S. to a leading Canadian credit union, and a dustup between Tesla Motors and China’s Alibaba, insider data theft is trending in IT security anxiety. Insider data theft isn’t new, but it’s a growing problem for organizations of all types and sizes. That’s because personal and business data theft has been increasing in recent years, and many of the perpetrators are insiders.

Worried about Data Theft?

According to a recent survey, 90 percent of organizations feel exposed to ‘insider’ data exploits.IT security professionals, as well as business leaders, are worried, and for good reason. Insider data security threats can expose organizations to data theft and many other types of cybersecurity hazards.

When we hear or read the phrase, “data breach,” it’s easy to think of bad actors wanting to harm or steal data from a business or government agency. But many data breaches occur every day. In these attacks, current or former employees steal data and try to profit from the theft. Verizon 2018 Data Breach Investigations Report cites that more than a quarter (28 percent) of attacks reported were inside jobs. And about three-quarters of these exploits were motivated by profit. “Pure fun” as the report described, was another popular motive.

Plenty of Blame to go around

Insider theft incidents can happen for many reasons. If you’re wondering why insider data theft rates are increasing, look no farther than organizations with:

• Employees who have a lax attitude about theft. Many employees view data theft as no more serious than taking a pen or paper clips home. In the Black Hat USA 2019 survey of 476 IT security professionals, 24 percent admitted that they would steal company data to sweeten a job application at a competitor.

• Employeeswho are careless or lack IT security knowledge. Insider threats don’t always involve intentional malice. Often, the cause is employee lack of data protection knowledge or sometimes, simple carelessness.
• Technical decision makers, who don’t build an IT security culture.Manyemployers don’t use the principle of least privilegeto control access to company data and other assets. Also, employers often fail to train employees in specific security practices and fail to establishan IT security mindset.
• Modern technology, which exposes IT infrastructure to exploits. Increasing use of APIs and cloud-based services are just two of the time and money-saving advances that make it easier to find and steal datain corporate networks.Technology makes it faster and easier to communicate with and connect to customers, partners, and suppliers worldwide. However, the same technologyprovides more opportunities for data theft.

However, modern DevOps security practices also use advanced monitoring and analytics tools. These advances can detect and prevent data from being accessed, manipulated, or exported by bad actors.

Building Solutions That Protect Against Insider Data Theft

Technologyis a big part of the solution to insider data theft. Companies wanting to combatthis problem are building(or subscribing to)solutions based on several important capabilities. These theft-prevention solutions enable organizations to:

• Know who’s on the network and what they’re up to. If you can identify suspicious users, monitor their behavior, and alertsystem admins when signs of insider threats occur, you’re more likely to stop bad actors before they can get away.This approach is especially effective when solutions extend surveillance of direct employees to contractors and vendors, who get access to data and systems.
• Recognize suspicious behavior. Many security organizations use machine learning to compare the behavior of all users against established patterns of normal activity. Non-standard activity helps to identify unusual events and suspicious behavior.
• Provide immediate alertsof threatening behavior or unauthorized data access.It’s essential that IT and security staffmembers get immediate notification whenanyone gets unnecessary or unauthorized access to sensitive data.
• Know who interacts with sensitive data and where and when they do it. It’s important to know who in an organization engages with valuable data. For example, employees departing a staff role could be taking data to a black-hat data merchant or to a competitor to increase their chances of landing a job.

Now, companies can subscribe to advanced data theft mitigation services that provide these capabilities and more.

Advanced machine learning and data analytics capabilities monitorand audit behaviour patterns for suspicious activity at on-premises or cloud facilities.

By monitoring many behaviours and signatures in a wide range of data sources,these services can detect and prevent data theft incidents before they occur.And, these convenient, cost-effective cloud services can help organizations avoid the costsand risks of lost productivity, customer trust, and brand reputation.