There are definitely business rivals and skilled hackers outside of your organization who could threaten your cybersecurity if they wanted to, and you should make sure that you’re protected against them. But often, the people who can do the most damage to your network, data security, and reputation are people who have the most access – people who work for you. If you’re not worried about insider cybersecurity threats, you may have missed some of the most serious cybersecurity incidents in recent memory. Take a look at some real-world examples of insider cybersecurity threats.
The Facebook Snooper
Being stalked online is a scary experience – and it’s even scarier when the stalker is a social media insider with access to your data.
As many women will tell you, social media can be a dangerous place. Women are often warned to lock down their profiles and make sure that sensitive personal information is hidden to avoid being stalked or targeted for unwanted attention, often by men. But it’s not as easy to conceal your information from the social networks themselves, so it’s in the best interest of social media companies who want to maintain a good reputation to make sure that their employees aren’t using their access to users in intrusive ways.
Facebook, however, had to fire their own security engineer for using his access to stalk women online. And reports suggest that he may not have been the only employee abusing privileges this way. Incidents like this can be profoundly damaging to a company’s reputation, and by extension, to their bottom line.
The Tesla Software Sabotage
Tesla CEO Elon Musk has been in the public eye a lot during 2018. But one of the biggest news stories of the year about Elon Musk was from a leaked company email that claimed that an employee in a position of trust within the company was using their access to sabotage certain software systems. These included the symptoms that controlled the manufacturing process for the cars.
Interestingly, the employee in question has a different narrative – that he was attempting to act as a whistleblower, bringing problematic manufacturing practices to light. However, security experts suggest that either way, better cybersecurity may have prevented the insider sabotage.
The SunTrust Inside Job
If customers can’t trust a bank to keep their data safe, they won’t trust that bank with their money either.
It’s not entirely a new concept for a bank robbery to be an inside job. It’s just that these days, a robbery may look a little different and use more updated technology. SunTrust discovered how serious an inside job could be when they discovered an employee was attempting to share sensitive information – like names, addresses, phone numbers, and account balances – of customers with a criminal outside of the bank.
SunTrust says that the data was never sent. But it’s not hard to imagine what kinds of things a criminal could do with that information. Beyond just accessing customer’s SunTrust accounts, a criminal could use that information to access other existing accounts or steal identities to create new accounts – and the bank could be held responsible for the damages.
Strong cybersecurity measures protect your business and your clients. Because of the very serious threats that can come from inside your organization, employee monitoring should be an integral part of your cybersecurity plan. To find out more about how employee monitoring can work for you, Start your free 7-day trial.