Looking For A Potential Cause Of A Data Breach At Your Company? Here You Go.
Preventing a data breach or other damaging cyberattack incident is the primary goal of cybersecurity professionals everywhere. We spend hours combing over details for solutions and upgrades, determining how to best spend each precious budget dollar, and making plans to keep cybercriminals out and data in. But there may be something that gets overlooked in that calculus – the types of employees that are the most likely to become the cause of a data breach.
More People, More Problems
While every employee has the potential to cause a cybersecurity disaster like a data breach, it’s just a fact that some employees are destined to be culpable just a little bit more than others. Most employees won’t take cybersecurity as seriously as they should without consistent, thorough security awareness training that’s updated at least every quarter. Whether it’s carelessness, arrogance, overconfidence, or malice, every staff includes people who are walking cybersecurity risks. Here’s how to spot and stop them.
The Speed Demon
Who is it?
This employee is always in a hurry, and always plugged in. the Speed Demon already took that training course and read the materials – and promptly dismissed that stuff when something more important to them landed on their desk. They’re the first person to reply to every email chain, register for an event, or update their account information for Zoom – and the first person to get caught by a phishing message. The Speed Demon is busy busy busy and doesn’t have time to carefully inspect every message for potential phishing lures. Isn’t that why the company has an IT team?
No, that’s not the reason why the company has an IT team, Speed Demon – and that IT team is extra stressed because they’ve just had to clean up your malware mess. The Speed Demon needs to be educated about cybersecurity risks to understand how their actions can cause a disaster that slows the whole company down.
Who is it?
This employee isn’t usually hard to spot, but they can be dismissed too easily. While only about 20% of insider incidents are caused by malicious actors, they’re out there, waiting to get their “revenge” for whatever they’ve decided the company has done to them. Maybe they were overlooked for a promotion, or they feel overworked and underappreciated, or they just weren’t invited to sit at the cool kids’ lunch table. Negative Nancy will cause as much trouble as they possibly can and laugh.
Whatever the cause of their discontent, Negative Nancies often do more than just sulk and complain – they also deliberately cause trouble, and they don’t discriminate between taking advantage of circumstances that allow them to gum up the works or planning deliberate sabotage. The more tech knowledge your Negative Nancy has, the more trouble they can cause through things like selling their systems access on the Dark Web. These employees should be immediately put on your internal watch list, no matter how silly or petty it seems to take them seriously.
When you’re dealing with a Negative Nancy, you need Dark Web monitoring. While every business should remain vigilant for insider threats at all times, if you’re dealing with an obviously disgruntled employee, they could be dealing your company’s data on the Dark Web. Optistar’s Dark Web Monitoring scours the Dark Web 24/7/365 using a combination of human and machine analysis to sniff out potential password compromise in your organization and send up a red flag to alert you to trouble. Right now and until December 31st, 2020, we’re offering a 45-day Free Trial of our Dark Web Monitoring and Security Awareness Training. Be sure to sign up now and you can use in the first quarter of 2021 to start the year off right!
Who is it?
This employee is TIRED. They may be experiencing burnout, overloaded with work, dealing with an illness, having family troubles, or in some other kind of pickle. Especially as remote work continues to ramp up data breach risk for businesses, these employees are capable of accidentally causing big damage with something as small as a missent email. Mister Sandman is cutting every corner because they simply cannot summon a hoot to give about the details of anything right now. Maybe after a vacation, a massage, and 3 naps.
The bottom line with Mister Sandman is that their chronic exhaustion equates to carelessness when it comes to cybersecurity. This employee will inevitably make mistakes in handling data and maintaining password security. In order to mitigate the consequences of employee carelessness, you need to have an extra checkpoint between them and your critical systems and data.
Choose Optistar to help you keep a check on Mister Sandman. Secure identity and access management goes a long way toward reduce the risk. By adding multifactor authentication, you prevent these employees from doing damage by recycling an already compromised password by requiring a second identifier for it to unlock anything. And if they do fall into a cybercriminal trap through carelessness, single sign-on LaunchPads enable IT teams to quickly quarantine their user account and cut off their access to mitigate damage. Contact us today or email us at firstname.lastname@example.org for more information.
Be sure to check out our other articles on cybersecurity on our blog.
– ID Agent