Employees: First Line of Cyber Defense or Serious Security Threat?

Many organizations rely upon their employees to prevent cybersecurity breaches. Employees are advised not to click on unknown links and attachments, share their user credentials, or use unapproved applications and services. And for the most part this strategy works — in a recent study conducted by Sapio Research, 79 percent of information security leaders said that employees are an effective first line of defense against cyberattacks.

However, the 2019 Global Data Exposure Report also found that current and departing employees expose organizations to breaches and put sensitive information at risk. These insider threats stem from employees’ failure to follow security policies, and from a sense that corporate data belongs to them.

Risky Behaviors Bring Cyber Threats

The research for the report was conducted via an online survey of 1,028 information security leaders and 615 business decision-makers. Almost half (43 percent) of decision-makers admit to using personal email to send files and collaborate with colleagues. Almost one-third (31 percent) also use social media platforms and 37 percent use WhatsApp.

Additionally, 78 percent of information security leaders and 65 percent of business executives admit to clicking on a link they should not have. This shows that employees at all levels have lapses in judgment that impact cybersecurity. As a direct consequence of these risky behaviors, half of the data breaches organizations experienced in the preceding 18 months were caused by employees.

Employees Feel Entitled to Company Data

While most employees try to leave their jobs on a positive note, odds are high that they are taking proprietary data when they leave. That’s because most employees feel that corporate data represents their work and their ideas, and they are therefore entitled to personal ownership of it.

Equally concerning are incoming employees who bring data from their prior organizations with them. Nearly two-thirds (63 percent) of survey respondents admit to bringing data from past employers to their new jobs, exposing their new employer to potential legal liability.

What Can Organizations Do?

There are a number of commonsense steps organizations can take to reduce the risk of insider threats:

  • Develop policies regarding social media usage, remote access to company IT resources, retention and destruction of data, and other security-related issues. Make sure that employees understand these policies and the consequences of failure to follow them.
  • Implement security best practices and communicate them to employees. Regular training sessions can help create a culture of security throughout the organization.
  • Have a third-party provider such as SSD conduct an annual vulnerability assessment. A third party with expertise in cybersecurity can perform a thorough and objective review of your cyber defenses.
  • Deploy email-based data loss prevention (DLP). DLP tools monitor email for sensitive data and enforce policies regarding access to or sharing of that content. Email encryption can provide an additional layer of security.

Many organizations trust employees to keep data safe, but this trust is frequently abused. Employees take more risks with data than employers think, which leaves organizations open to insider threats. SSD can help you implement the policies, procedures and tools you need to ensure that your employees don’t create security risks.