Why Employees Are Your Biggest Insider Threats in Cybersecurity (And What to Do About It)

Published November 18, 2019

It seems like every day we hear about another company getting hacked.

While we’d like to think this is solely the result of some intelligent hacker outsmarting our security systems, the truth is that people help those hackers get inside our networks.

For example, according to a report by IBM, employees made mistakes in judgment that exposed billions of records between 2015 and 2017. 

This means insider threats in cybersecurity are a serious issue. 

So how do you identify these threats and what do you do about it?

Read on to find out. 

Insider Threats in Cybersecurity

Most companies have security measures in place to keep third parties from hacking in to access their computer networks. 

But when it comes to internal network security and actions of your own employees, those threats can be hard to detect or discover since your employees have trusted access to your data.

These types of threats can go unnoticed for too long unless someone is monitoring your systems and doing the deep analytics necessary to see what’s going on.

Here are some actions that can pose internal cybersecurity threats.

Sending Data to the Wrong Person

Most of us have at least some moments where we are rushed, tired or distracted when we’re at work.

So failing to notice that your email program auto-filled the wrong email address is a mistake many make at least once.

Or we hit “reply all” on an email thinking we are sending it to just one person, then type in or attach confidential information that gets sent to someone who isn’t meant to have it.

When situations like this happen, here’s what to do about it. 

Make sure your employees write the inadvertent recipient and ask them to delete the email and provide a confirmation that they did so.

Then tell the person or people whose information you shared what happened and apologize. 

Consider disabling the autofill function on your email program.

Clicking a Link in a Phishing Email

Phishing emails are one of the threats from within you need to take seriously.

Phishing emails are scams formatted and designed to look like they were sent from a legitimate company. The email will include a link to what appears to be the company’s website (but isn’t), to try to get an employee to enter login information.

Here are some signs that an email is phishing:

  • The email is incorrectly addressed
  • The email doesn’t refer to the employee by name. Instead, the email uses generic terms like “customer” or “client”
  • The email may state an error or security breach has occurred, then ask your employee to click the link provided to reset their password, verify a purchase, or similar
  • If you hover over the links provided in the email, the addresses that appear will all point to the same URL or to a URL that doesn’t link to the company’s correct website
  • The email may also contain grammatical errors, misspellings, or conflicting information.
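
Several of the signs in the list above can be checked automatically before a message reaches an inbox. The following Python sketch is an added example, not code from this article's author; it assumes a single-part HTML message, and the function name, the sample message and the example.com / example.net domains are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag: what hovering over a link reveals."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def phishing_signs(raw_email, company_domain):
    """Return the warning signs from the list above found in one message."""
    body = message_from_string(raw_email).get_payload()
    collector = LinkCollector()
    collector.feed(body)
    web_links = [u for u in collector.hrefs
                 if urlparse(u).scheme in ("http", "https")]
    signs = []
    # Generic salutation instead of the recipient's name.
    if re.search(r"\bdear\s+(customer|client)\b", body, re.I):
        signs.append("generic greeting")
    # Claim of an error or breach plus a request to act through a link.
    if re.search(r"security breach|reset your password|verify (your|a) purchase",
                 body, re.I):
        signs.append("urgent account action")
    # A link whose host is neither the company domain nor a subdomain of it.
    hosts = [(urlparse(u).hostname or "").lower() for u in web_links]
    if any(h != company_domain and not h.endswith("." + company_domain)
           for h in hosts):
        signs.append("link leaves company domain")
    # Several links that all point to one and the same URL.
    if len(web_links) > 1 and len(set(web_links)) == 1:
        signs.append("all links share one URL")
    return signs

# Constructed sample; example.com and example.net are placeholder domains.
SAMPLE = """From: Example Support <support@example.net>
Subject: Security alert
Content-Type: text/html

<p>Dear customer,</p>
<p>A security breach has occurred.
<a href="http://login.example.net/reset">Reset your password</a> or visit
<a href="http://login.example.net/reset">www.example.com</a>.</p>
"""
```

Calling `phishing_signs(SAMPLE, "example.com")` reports all four signs for the constructed message. Checks like these help triage suspicious mail but do not replace employee training.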

Because these types of emails are so common, most legitimate emails from companies won’t ask you to click links when something important has happened to your account.

Educate your employees about how to spot these types of emails. Tell them to resist clicking the link. If they are concerned there truly is an issue that needs to be resolved, locate a contact number for the company from a source other than the email and call them to confirm.

Opening Malicious Attachments

Educate your employees on what to do if they think they have opened a malicious attachment, which is one of the biggest cybersecurity issues.

Have them immediately disconnect their computer or device from the internet to stop any download or installation that may be in progress.

If you have an IT Department, tell your employees to immediately notify IT of the possible breach.

The employee’s computer or device will then need to have its data backed up and the device scanned to see if any malware, ransomware or viruses were downloaded.

Storing or Saving Company Data on Personal Devices

More companies are requiring their employees to work on their own laptops, cellphones, and tablets. This means some part of your company’s data is likely on these devices. If the employee loses the device or has the device stolen, the safety of your data is compromised.

Employees also regularly send work email to their personal email for a variety of legitimate reasons. 

To combat issues that can arise from these actions, educate your employees on how to secure their personal devices. You’ll also need to tell your employees to refrain from giving other people access to their devices and personal emails.

Lack of Knowledge That Data was Confidential

While most employees will likely recognize that social security numbers and credit card numbers are confidential information that shouldn’t be shared with others, some data may be harder to recognize.

Investigate the type of data each of your employees has or may have access to during their employment. Then educate them on which types of data are shareable and with whom, and which data is not to be shared with anyone.

Disgruntled Employees

Disgruntled employees can often pose a risk of inside attacks on your company.

An employee who has a vendetta against your company may be tempted to sabotage data or share data with third parties outside your company.

When an employee is fired or has given notice they are terminating their employment, you need to take immediate action to remove their access to confidential data.

This includes client lists, proprietary documents or software, or any other type of data that may be beneficial to them when moving to or looking for a new job (perhaps with your competitor).

Take Steps Today to Protect Your Data 

Data breaches are bad for business. They can make your customers or clients lose trust in you.

So don’t delay. Get help protecting your company from insider threats in cybersecurity.

Contact us today so we can help keep you protected from cybersecurity threats whether they are internal or external. 

Erik Gudmundson

Erik Gudmundson is an experienced leader in the field of IT service delivery. He is responsible for designing, proposing, implementing, and supporting cloud, on-premise, and hybrid IT solutions in computer-dependent business environments. As a trusted advisor to his clients, he communicates solutions and pitfalls/workarounds effectively.