Who’s stealing your data?

Here is a fact that many of us would like to forget.  Most data theft occurs by insiders.  This is often termed the insider threat or the human threat.  Insiders are the people who would usually be considered very trustworthy.  However, all it takes is some incident or life change to occur that can motivate someone to commit a crime.

Insider threat statistics

An evaluation of cases of insider theft has provided statistics useful in identifying the types of employees who are most likely to threaten information security.  Surprisingly, it’s not the underpaid computer guru working in the server room.  According to data from the Software Engineering Institute at Carnegie Mellon University, information theft is more likely to occur with those who serve in a managerial capacity in a non-technical role.  These individuals are usually between the ages of 26 and 40 and they are more likely to steal business data than Personally Identifiable Information (PII).

Data breach discovery

Equally important is that very few data thefts were discovered by the use of technology.  Rather, security awareness and incident response played a greater role in the detection of these crimes. Unfortunately, these competencies are neglected in many businesses.  The majority of cases were detected by employees who reported suspicious or unusual activity, customers who complained or by auditors.

Incident response planning

Ensure that your incident response plans include response to the insider threat.  This includes computer forensic imaging and proper evidence handling procedures since these cases often result in litigation.  Training should be implemented along with the incident response plan.  Train employees on how to recognize suspicious activity and whom to contact when they observe it.  Lastly, set up methods for anonymous reporting and whistleblowing.

About The Author

Eric Vanderburg

Eric Vanderburg is an author, thought leader, and consultant. He serves as the Vice President of Cybersecurity at TCDI and Vice Chairman of the board at TechMin. He is best known for his insight on cybersecurity, privacy, data protection, and storage. Eric is a continual learner who has earned over 40 technology and security certifications. He has a strong desire to share technology insights with the community. Eric is the author of several books and he frequently writes articles for magazines, journals, and other publications.


    1. Look for someone who suddenly becomes very controlling about part of their job or the opposite, very uncaring about it. Also, if someone suddenly begins dressing in more expensive clothes or brags about expensive toys/gadgets they bought, that can be an indicator too.

Leave a Reply