Don’t Ignore Insider Cyber Threats

Don’t Ignore Insider Cyber Threats

February 2, 2018 Business Insurance and Risk Management, The Beacon Blog 0 Comments

While news stories about cyber breaches mainly focus on threats from outside the organization (criminals or foreign governments), most breaches are “inside jobs”. In a worldwide survey by Kroll’s Global Fraud and Risk Report, former employees were the biggest security risk. Middle or senior level employees are almost as likely as junior employees to cause security incidents. While 34% of cyber attacks were random, 35% were caused by current and 28% by former employees.

Access to sensitive information is the biggest cyber risk.  Unless terminated employees are denied access your organization is at risk. While over 80% of companies restrict employees from installing software on company devices and have training programs, and over 75% have cybersecurity policies and procedures, they must be consistently enforced to be effective.

With malicious viruses and email phishing attacks on the rise, firms are at risk if employees are not trained to recognize and report them.

With cyber incidents considered the second most important risk of 2018 (next to business interruption) we must all be prepared.

About the Author

Harry Cylinder

Harry Cylinder, CPCU, ARM has spent nearly fifty years in the insurance industry, the majority of the time as a consultant. He has been employed by The Beacon Group of Companies since 2008, specializing in the review and analysis of property and casualty coverage forms. Mr. Cylinder has been reviewing policy forms as they have evolved over the past decades. In 2008 he published an article in the CPCU Journal which was the first description of cyber insurance coverage for a general insurance audience. Since that time he has regularly written on cyber and other topics for The Beacon Companies’ blog.