Insider Threats Are Not Always Intentional

When a person, company or news organization mentions the term Insider Threat, images of shadowy employees, spies, or black-market transactions may come to mind. Even Wikipedia defines Insider Threat as, “a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems. The threat may involve fraud, the theft of confidential or commercially valuable information, the theft of intellectual property, or the sabotage of computer systems.”

But, the truth is, while Insider Threat does oftentimes involve purposeful malevolence, sometimes Insider Threat is simply employees misusing, copying, or downloading data without malicious intent. Insider Threats are not always intentional. Depending on your industry, the biggest Insider Threat to your company may be simple negligence due to lack of education and enforcement of company data and security policies.

Related Article: 5 Things You Should Know About Insider Threats

On April 11^th, The Washington Post reported that a cyber breach hit 44,000 FDIC customers. The good news? It wasn’t intentional and the data was not given to outside parties. In a March 18^th memo it received from Lawrence Gross Jr., FDIC’s Chief Information Officer and Chief Privacy Offer, to FDIC Charmin Martin J. Gruenberg, The Washington Post reported that “the data were downloaded to a personal storage device ‘inadvertently and without malicious intent.’”

The Washington Post goes on to report that “The FDIC document does not indicate what information was taken, but does say the former employee had legitimate access to it ‘for bank resolution and receivership purposes.’”

While antiquated systems and a lack of policy enforcement may be the cause of data leaks and similar issues, Information Age reported that recent research finds undetected insider threats in 100% of companies. These threats are both malicious and unintentional. And very real.

But the question is, are you protecting your company from data loss with an Insider Threat program? If not, you should start now. Download an Instant FREE Trial of Proofpoint's Insider Threat Management Software.

Learn more about Insider Threats and implementing your Insider Threat Management program. Register for a FREE Webinar: Top Employee Security Mistakes that Put Your Data at Risk, featuring Eric Cole (former CTO of McAfee).