A spotlight on insider risk to protect the digital enterprise

March 30, 2021
As the tide of insider risks continues to rise, it is critical for security teams to recast their tech stacks
What is one of the clearest indicators of insider risk? A resignation letter. You’ve surely heard about one such case that started five years ago when a highly compensated (nine figures highly compensated) and trusted engineer at Google took a trove of confidential documents and launched a competing start-up. He promptly sold the start-up to Uber. In 2018, Google and Uber agreed to a nine-figure settlement. A year after that, the engineer, Anthony Levandowski, faced nearly three dozen criminal charges for trade secret theft. He pleaded guilty and was sentenced to 18 months in jail. Just a few weeks ago, he inexplicably received a presidential pardon, setting a dangerous precedent about insider risk.

When we talk about insider risk, the cost isn’t arbitrary or theoretical. It can be millions – if not billions – of dollars. And, it’s one of the fastest-growing data security vulnerabilities organizations face today. With rapid digital transformation journeys being powered by collaboration technologies and cloud platforms, it’s never been easier for employees to secretly (like Levandowski) or inadvertently exfiltrate data. In fact, just the other day, we saw accidental data exfiltration and infiltration events at our company when data synced to personal iCloud accounts without user knowledge due to iCloud settings.  What does that look like?  A brand-new employee brought a virtual pile of documents from her prior employer, another security company.  The documents simply synced automatically to her iCloud account before she left her last employer and resynced on her new laptop at Code42 when she put in her iCloud account – she had no idea that Apple had turned on iCloud Drive by default.  This kind of exposure happens every day. And it’s going to continue to happen in today’s distributed work environments.

Code42’s latest Data Exposure Report on insider risk found that both business and security leaders are allowing massive insider risk problems to continue as a result of the shift to remote work in 2020. Insider risk will continue to hit organizations this year, and with the stakes this high, security teams must be prepared. Here are some tips to keep insider risk in check and preserve your digital enterprise this year:

Embrace, then secure the collaboration culture: The pandemic proved a few things to businesses. It showed that employees today are more likely to leak data than they were less than a year ago. But it also revealed that the collaboration culture – with widely distributed workforces that use file-sharing technologies – is highly productive and here to stay. Security teams must embrace shifts in workplace culture and adapt their insider risk strategies accordingly.

Adopt a new approach to data security: Organizations today are faced with multiple challenges when it comes to building and running insider tisk programs – including questions about data and program ownership, sub-par processes and tools, and anemic budgets. To improve their security posture, organizations must revamp their insider tisk strategies and directly address existing gaps in their programs.

Invest in modern insider risk technology: To secure the collaboration culture, technology cannot frustrate employees, impede and block legitimate work and collaboration, force productivity workarounds and leave security teams blind to file movements. As the tide of insider risks continues to rise, it is critical for security teams to recast their tech stacks.

As an unprecedented year, 2020 challenged organizations in ways we never thought possible. We were constantly forced to scramble to keep up with massive, sudden change. Security teams have been stretched thin – often facing budget and resource cuts at the same time – as they moved organizations fully remote overnight back in March. 

The massive business impact of insider risk is too-often overlooked. In fact, the Data Exposure Report shows that organizations are not even measuring the efficacy of their insider risk mitigation programs, and this inattention will threaten the future of the digital enterprise. If we want to keep our organizations safe and secure this year, while ensuring a strong, collaborative culture, we need to be proactive and ensure we have insider risk protocols, plans and technologies in place.

About the author:
Joe Payne is the President and CEO of Code42 Software. Joe is a seasoned executive with more than 20 years of leadership experience and a proven track record leading high-growth security and technology companies. With a passion for identifying and solving emerging market needs, Joe engages personally in product strategy and direction, while growing and providing vision and guidance to a world-class team of security executives