For years now, the most successful organizations have been creating competitive advantage by fostering cultures rooted in speed and agility. The pandemic slammed the gas pedal on this digital transformation. The upside of this transformation is self-evident: Businesses are unleashing the ingenuity of their people by freeing them to work in new, faster, smarter ways to drive productivity and innovation. But there’s a downside that’s a lot harder to see. This agile, cloud-powered collaboration culture naturally leads to insider risk. Insider risk focuses on the idea that, more often than not, data leaks are accidental. An insider risk mindset argues that intentions don’t always matter; regardless of intention, data leaks jeopardize the financial, reputational, or operational well-being of a company, as well as its employees, customers, and partners. Most organizations don’t have a firm grasp on the growing insider risk challenge -- and they aren’t seeing how new ways of working are putting valuable files and data at serious risk.
The Growing Insider Risk
Remote work and decentralized collaboration are here to stay. And in this new work-from-anywhere world, files are constantly on the move -- between endpoints, to and from the cloud, on and off the network. Most of this file activity is harmless. But a surprising (and alarming) amount of file activity puts business value directly at risk -- and that risk activity is growing. A recent report from the Aberdeen Group showed that the average number of data exposure events -- e.g., insiders moving enterprise files to untrusted locations via email, messaging, cloud, or removable media -- is 13 data exposure events per user, per day. The insider risk problem will continue to grow considering the rapid acceleration of digital transformation in the post-pandemic world of work. Most IT security leaders expect insider risks to continue to increase over the next two years, and Code42 research from spring 2021 showed that employees are a whopping 85% more likely to lose or leak files and data than they were before the pandemic.
Everyday Activity Causing Big Damage for Businesses
The most challenging part of insider risk is homing in on the truly risky activity amid the everyday noise of harmless file activity. But here’s a closely related challenge: Most risky activity isn’t malicious or intentional; it’s just everyday employees, trying to get everyday work done. In fact, insider risk often comes from your most productive and innovative employees finding shortcuts to faster, smarter ways of working -- and unknowingly exposing files to risk. The impact of these everyday risks is no joke.
The Aberdeen Group report showed that 25% of insider data breaches involve intellectual property (IP). The report gave two ways for businesses to think about the potential cost of having their IP exposed through insider risk: Up to 20% of a company’s revenue -- or as much as 440% of the revenue generated by the exposed IP. Just because the behavior isn’t intentionally malicious doesn’t mean it’s not hurting your business -- in a big way.
You Can’t Tolerate Something You Don’t Understand
More and more organizations today are shifting from the conventional “risk prevention” model to the more modern “risk tolerance” paradigm for data security. But the truth is that insider risk remains a major blind spot in most organizations -- a blind spot that is growing at the speed of cloud-powered collaboration. Security teams can’t see all their users’ file activity -- on the endpoint, in the cloud, remote, on and off the network. And what they can see is shrouded by the noise of all the harmless everyday activity. They can’t get a clear signal of their biggest risks.
Without visibility and understanding of insider risk, it’s not really an empowered stance of risk tolerance -- it’s more like involuntary risk acceptance.
Enabling Business Agility Starts with understanding Insider Risk
If organizations want to continue fostering speed and agility to improve business outcomes -- freeing employees to work in new, better, smarter ways -- they must understand the inherent risk created. They need to recognize the problem that insider risk presents to their business. And then work to gain a better understanding of what risk looks like in their organization: identifying their most valuable and vulnerable files and data; recognizing the potential cost of losing that IP; and gaining visibility to the biggest insider risks to that IP. With this solid foundation of understanding, IT and security teams can take an empowered stance on enabling the business and tolerating risk -- while protecting data and business value.
To get started with your own Insider Risk Management program in 5 simple steps, please visit https://www.code42.com/insider-risk-management/.
Mark Wojtasiak is co-author of the book Inside Jobs: Why Insider Risk is the Biggest Cyber Threat You Can't Ignore, vice president of portfolio marketing for Code42, and frequent cybersecurity blog contributor. In his role at Code42, he leads the market research, competitive intelligence, and product marketing teams. Mark joined Code42, a leader in insider risk detection and response, in 2016 bringing more than 20 years of B2B data storage, cloud, and data security experience with him, including several roles in marketing and product management at Seagate.