Insider Threats: How Menacing are They?

News you need to know

• Scalable Capital, an online advisory firm, fell victim to a major data leak. It is believed that around 20,000 customers were affected by the leak of confidential data that included contact information, tax identification numbers, and bank account details. The leak is attributed to excessive insider knowledge.
• Last month, Shopify underwent a data breach caused by two support team employees. Although 200 merchants were affected, there has been no evidence to show misuse of the stolen data.
• In August, numerous high-profile Twitter accounts were hacked via social engineering techniques. A small number of employees were reportedly tricked through social engineering to hand over their admin credentials.

What let the threats in?

• The lack of security awareness about exploits often proves to be costly. Attacks such as phishing and vishing target employee credentials, leading to easy intrusions with dire consequences.
• Moreover, the gray area is expanded as employee loyalties change over time. Organizations face huge risks in terms of securing intellectual property when employees quit.
• A rising number of smaller such incidents fly under the radar as they don’t get a shout out from victim organizations. However, the danger arises when malpractices are neglected and left unacknowledged.

The bottom line