The Securonix 2020 Internal Threat Report, released on Wednesday, noted that departing employees posed a significant test of the protection of sensitive information within the company. New research shows that most employees planning to leave may not only take sensitive information with them, but also involve 60 percent of internal network security and data breaches. The industry sees this segment of the outgoing employees as a “flight risk” because its behaviour patterns are likely to change dramatically in the two to two months before leaving.
Internal events are often caused by individuals within the organization, not external threat participants. Employees or contractors with access to the system can cause damage to critical businesses, steal or sell data, or leave a security mess. For example, without permission, the confidential information is uploaded or moved to a third-party service provider.
Securonix notes that sensitive data breaches remain the most common internal threat. In one case in 2019, for example, an arrested “flying risk” employee was accused of stealing customer data and allegedly reselling it to others for fraudulent purposes.
Typically, the person involved leakes information to cloud storage service providers such as Box and Dropbox by e-mail or web transfer. Behind this kind of behavior, in fact, the account authority is not strictly controlled and led to abuse.
After examining hundreds of similar incidents across industry verticals, Securonix believes that about 80 percent of “flying risk” employees are trying to take proprietary data away.
Of these, 43.7 percent of insiders forwarded data to personal email addresses, 16 percent abused cloud collaboration privileges, 10 percent downloaded aggregated data, and tortured data through unauthorised USB and removable storage media.
The good news is that as corporate security awareness increases, many companies have begun to restrict or disable removable storage media such as USB altogether. In addition, many organizations are transitioning to cloud computing and IaaS platforms during the epidemic.