Organisations' employees cause data breaches every day - often without meaning to.
So how can CISOs and their security teams work to mitigate a risk that's driven by their own colleagues' unpredictable behaviours?
We asked Lisa Forte, Partner at Red Goat Cyber Security, to provide a quick overview of insider data breaches and the steps organisations can take to prevent them.
Transcript:
An insider date breach is any data breach that's been caused by someone who has been trusted by the organization and given access to company assets. They can be intentional or unintentional.
Deliberate insider breaches tend to be a lot more damaging to an organization, but they are fairly rare. Far more common than that though are unintentional breaches, which are done by people who are well-meaning employees who simply make a mistake or cut some corners and their job involves sharing data, and at that point a data breach is caused when they make a mistake.
There are two essential elements here to defending against inside of breaches. The first is good quality training for your staff, for all staff. And for staff that have access to the most sensitive things, investing in face-to-face training is really worthwhile. The second and equally important ingredient is investing in technology, especially things such as machine learning, that can take loads of really important decisions out of your employees hands. For example auto-encrypting an email or alerting a user that they're about to make a mistake.
Some of the most ineffective ways to mitigate against insider data breaches are when companies buy a load of tools and technologies that they don't have the time or the understanding or the resources to actually use effectively. We also see that companies implement technologies that are really complicated and put a lot of strain on their staff, and then what you tend to see is staff cut corners to get around those tools, so you're just spending money but you're not really becoming any more secure.