Sixty-six percent of data protection leaders admit that employees are the weakest link in an enterprise’s security posture, and 55 percent of organizations have had a security incident or data breach due to a malicious or negligent employee, according to the Ponemon Institute’s report on Managing Insider Risk through Training and Culture.
In the wake of massive data breaches such as those at the U.S. government’s Office of Personnel Management, health insurer Anthem and retailer Target, an enterprise’s initial reaction might be to tighten the security around networks and data. However, you may be forgetting one critical component: the insider threat.
Nearly 72 percent of U.S. federal actions involving employee theft in 2014 involved small businesses – organizations with fewer than 500 employees, according to the 2015 Hiscox Embezzlement Watchlist. Within that group, four of every five victim organizations had fewer than 100 employees, and more than half had fewer than 25 employees.