Your Biggest Cyber-Threat is Probably Your Employees

May 18, 2020 | Security , Cybersecurity

As the new normal continues, with no real signs of ending anytime soon, companies may have taken their eyes off the ball as to what their members of staff are up to with company data. Away from the work network, and the watchful eyes of their bosses, many people are feeling increasingly concerned about working from home: Will they have jobs to go back to? What is going on inside the companies that they work for? Perhaps they are being put under too much pressure by a manager and this is making them isolated.

From an employer’s point of view, which employees are most likely to take company data and use it for their own ends? How can this be detected with everyone working from home?

These Insider Threats are fast becoming the number one challenge for companies everywhere: overtaking phishing attacks and ransomware as the most likely cyber-security event to occur in a company. As many businesses migrate their data to the cloud, the $1.2bn data-loss prevention market is set to balloon to $3.8bn by 2025 according to Mordor Intelligence. That rise in value for this sector tells you a lot about the problem.

The term Insider Threats includes everything from employees accidentally sharing company data through to espionage and outright theft. The most usual motivations are vengeance against a company that an employee dislikes working for, and to make money. The more exotic motivations are usually only the stuff of Hollywood…

 Without crossing into the legally murky (at best) practices of monitoring what your employees are doing by looking at their browsing habits and emails, how can a company deal with this sort of thing? There are two clear strategies, and both of them are advisable to implement simultaneously.

The first strategy is an HR / management one: If you think it is possible that your employees would potentially do this then you have to ask yourself why. Are your members of staff unhappy? Is there a poor management culture that needs addressing? Maybe it’s a financial problem? Are your staff being adequately compensated for the work that they do? After some introspection and investigation, you may very well find that there are issues which perhaps you were not aware of. Fix these issues; make your staff happy.

Recommended reading


We are delighted to announce that we won Security Distributor of the Year at the 2021 The Computing Security ...

Cyber Essentials is changing on 24th January 2022 – Will you be ready?

Let’s assume that you know what Cyber Essentials is and that you realise that it is a good basic standard for ...

Why people don’t want to do their training and how to get around it

There are very few people in this world that think, “Oh goody! My next security training module now needs ...