Who’s stealing your data?

4 years ago
Eric Vanderburg

Here is a fact that many of us would like to forget.  Most data theft occurs by insiders.  This is often termed the insider threat or the human threat.  Insiders are the people who would usually be considered very trustworthy.  However, all it takes is some incident or life change to occur that can motivate someone to commit a crime.

Insider threat statistics

An evaluation of cases of insider theft has provided statistics useful in identifying the types of employees who are most likely to threaten information security.  Surprisingly, it’s not the underpaid computer guru working in the server room.  According to data from the Software Engineering Institute at Carnegie Mellon University, information theft is more likely to occur with those who serve in a managerial capacity in a non-technical role.  These individuals are usually between the ages of 26 and 40 and they are more likely to steal business data than Personally Identifiable Information (PII).

Data breach discovery

Equally important is that very few data thefts were discovered by the use of technology.  Rather, security awareness and incident response played a greater role in the detection of these crimes. Unfortunately, these competencies are neglected in many businesses.  The majority of cases were detected by employees who reported suspicious or unusual activity, customers who complained or by auditors.

Incident response planning

Ensure that your incident response plans include response to the insider threat.  This includes computer forensic imaging and proper evidence handling procedures since these cases often result in litigation.  Training should be implemented along with the incident response plan.  Train employees on how to recognize suspicious activity and whom to contact when they observe it.  Lastly, set up methods for anonymous reporting and whistleblowing.