Since the first computer worm in 1989 created by Robert Morris, incidents related to security issues have taken their toll and continue to happen to this day, albeit with an increased number of security threat cases. What’s more disturbing, is that the majority of the security issues come from within a company or organization. 

According to Information Security Timelines and Statistics HACKMAGEDDON May 2016 cyber-attacks statistics showed that 16.7% of cyber-attacks happen to software, 16.7% to restaurants, 11.1 % to defence contractor and the rest of 55.6 % composed of industries such as Retail, E-commerce, Payroll Services, Car rental, Sportswear, Networking, Job Search, Internet Services, Broadcast, and Financial service.

On a 2014 issue by Harvard Business Review entitled “The Danger from Within” cases like the 2013 cyber-attack on Target that was caused by an insider were taken into consideration.

“The damage they cause may include suspension of operations, loss of intellectual property, reputational harm, plummeting investor and customer confidence, and leaks of sensitive information to third parties, including the media. According to various estimates, at least 80 million insider attacks occur in the United States each year. But the number may be much higher, because they often go unreported. Clearly, their impact now totals in the tens of billions of dollars a year,” according to Harvard Business Review.

It’s true, a current of recently fired employee can cause much more damage compared to an outsider that does not have the same insights an insider has. They are more dangerous, have more chances in their hands if they decide to do so and can easily blackmail the company if they have certain information that can be used to bring a company down or continuously threaten it.

As Harvard Business Review issue stated, there are far more cases than the reported number everyone gets exposed to. Technology and social media is coming “in handy” during the cyber-attack cases as fragile information can get exposed all over the world with just a single click.

“The so-called romance scam, in which an employee is coaxed or tricked into sharing sensitive data by a sophisticated conman posing as a suitor on a dating website, has proved to be particularly effective. Other strategies include using knowledge gained through social networks to pressure employees: A cyberblackmailer may threaten to delete computer files or install pornographic images on a victim’s office PC unless the sensitive information is delivered,” according to the report.

What can be done in order to prevent these cases from happening is to adopt a robust insider policy, raise awareness, look out for threats when hiring, employ rigorous subcontracting processes, and monitor the employees. You can read the five steps to take immediately in order to lower a company’s vulnerability as much as possible in details here.

Image source: http://www.hackmageddon.com/