Few concerns keep business leaders up at night like the threat of a cybersecurity incident. With the average cost of a data breach exceeding $4 million for the first time and public sentiment, regulatory requirements and practical functionality firmly against companies that can’t protect their digital landscape, many leaders are reprioritizing cybersecurity in response to this increasingly urgent reality.
According to Gartner’s 2021 CIO Agenda Survey, cybersecurity is the top spending priority for 61% of leaders as they work to address rapidly shifting risks and responsibilities.
When making spending decisions, leaders can optimize their return on investment by directing their efforts toward insider threats, which represent a potent cybersecurity threat to every organization. This focus aligns with this year’s annual Cybersecurity Awareness Month, which promotes #BeCyberSmart to enhance a company’s defensive posture.
When directing cybersecurity investments toward insider threats, here are four profiles that decision makers need to address:
1. Malicious Insiders
Employees, contractors and other trusted third parties compromise data and digital infrastructure for several reasons. Most prominently, malicious insiders are motivated by money. Company and customer data has value on the dark web, where even amateur cybercriminals can easily and anonymously capitalize on their privileged access.
Meanwhile, some trusted insiders will steal company data, trade secrets and other useful information. This may help them win a new job at a competing organization or procure leverage for a financial payout. When employees are frustrated, unsatisfied or uncertain, they can quickly become malicious insiders, putting critical data and digital infrastructure at risk.
The recent pandemic exacerbated these challenges, as increased economic uncertainty, remote work and mental health pressures strain trusted insiders.
2. Accidental Insiders
Of course, not all insider threats act maliciously. It’s estimated that 85% of all data breaches involve a “human element,” and only a fraction of breaches are intentional.
For example, employees accidentally compromise company data when they misplace devices, including laptops and smartphones, that store a treasure trove of sensitive information. In addition, accidental insiders might cause a data privacy incident by misdirecting email messages containing company or customer data or by sharing information with people outside of the organization.
Accidents are inevitable, so businesses need to adopt cybersecurity solutions that account for this contingency.
3. Ignorant Insiders
For most employees, cybersecurity and data privacy are not top-of-mind as they execute their day-to-day responsibilities. They don’t truly understand or appreciate the repercussions of a data breach, and they wouldn’t know how to respond to a threat even if they did identify one.
This is especially true for phishing scams, which increased significantly during the pandemic and continue to plague organizations of all sizes and across many industries.
However, the risk posed by ignorant insiders is not limited to phishing scams. According to one survey, 61% of employees failed a basic cybersecurity quiz. This isn’t surprising, considering the average company invests only 5% of its IT budget in employee training.
Companies need to ensure that their employees understand the expansive nature of today’s threat landscape while equipping them with tools and strategies to protect data and digital infrastructure.
4. Careless Insiders
Unfortunately, some employees are simply careless, neglecting even the minimal best practices needed to maintain good digital hygiene, which keeps the online environment safe for everyone.
For instance, “123456” and “password” continue to be two of the most popular passwords, despite their obvious security flaws. Similarly, 35% of people never change their account passwords — even after a data breach notification — often providing front-door access to threat actors.
At the same time, when employees fail to use even basic cybersecurity tools, like multi-factor authentication or VPN services, their inaction puts sensitive data at risk.
Where Do We Go From Here?
Moving forward, businesses need to consider insider threat prevention an integral part of their holistic cybersecurity strategy. This starts with gaining insight into employees’ digital behavior on company devices, which allows IT teams to detect, prevent and deter insider threats of all types.
What’s more, responding to insider threats isn’t just a software solution — it’s an all-in, top-down, operational imperative that’s inherently people-focused. The costs and consequences of a cybersecurity failure are immense, and businesses would be wise to invest in the organizational values, practical processes and security solutions that keep company data and digital infrastructure secure against the various insider threat expressions.
This article was originally published in Forbes and reprinted with permission.