When organizations adapted to long-term remote work, the spotlight was cast on insider risk. With most employees continuing to work remotely some or all of the time, and with many operating in stressful and distracting environments, human-activated data breaches have skyrocketed.
There’s really no arguing anymore: People have become the company’s security perimeter.
People are the ones making the decision when a highly targeted phishing email that no filter has seen before lands in their inbox. They are also not perfect. It is human nature to make mistakes, like sending an email to the wrong client by accident.
Because it depends on individuals' behavior, insider risk has become every organization's most complex security issue. But it doesn't have to be. With the right security protocols and technology, employees can become the company's greatest security defense. To understand how to protect the human layer, it's important to understand how human-activated data breaches happen.
People get hacked
Phishing attacks continue to rise, with cybercriminals employing highly convincing tactics and social engineering tools to target individuals and organizations. The COVID-19 pandemic accelerated an upward trend, giving cybercriminals new ways to trick victims and more opportunities to do so, with people accessing and sharing more content digitally.
Although phishing attacks originate externally, they're fundamentally an insider risk. By the time a malicious email reaches an employee's inbox, it has already passed the organization's email filtering and other security controls, which makes the employee the last line of defense.
People make mistakes
We've all received an email that wasn't meant for us. These incidents are usually simple human error, such as picking the wrong name from Outlook's autocomplete suggestions, but they add up: our Outbound Email Security Report found that, on average, organizations experience an outbound email data breach every 12 working hours.
Remote work exacerbates this, with six in 10 remote employees reporting that they work in environments where distractions and interruptions are common and lead to ongoing errors.
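The misdirected-email problem described above is one that tooling can catch before the message leaves the client. The following is an added illustration, not Egress code or a description of any Egress product: a pre-send check that compares a draft's recipients against the sender's own sending history and flags the patterns behind the classic autocomplete mistake. All addresses, the internal domain `example.com` and the `KNOWN_CONTACTS` history are constructed for the example.

```python
"""Heuristic pre-send check for misdirected email (added example, constructed data)."""
from collections import Counter

INTERNAL_DOMAIN = "example.com"  # assumed sender organisation (constructed)

# Constructed sending history: addresses this user has emailed before.
KNOWN_CONTACTS = frozenset({
    "jane.doe@example.com",
    "anna.krause@acme-client.com",
    "tom.chen@acme-client.com",
    "anna.krause@rival-bank.com",
})


def split_address(addr):
    """Return (local_part, domain), lower-cased."""
    local, _, domain = addr.strip().lower().partition("@")
    return local, domain


def edit_distance(a, b):
    """Plain Levenshtein distance, used to spot look-alike (typo) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_recipients(recipients, known=KNOWN_CONTACTS, internal=INTERNAL_DOMAIN):
    """Return {recipient: [reasons]} for external recipients worth a second look."""
    known_domains = {split_address(k)[1] for k in known}
    domains_by_local = {}
    for k in known:
        local, domain = split_address(k)
        domains_by_local.setdefault(local, set()).add(domain)

    # Work out which external organisation this draft is mostly addressed to,
    # if a strict majority of external recipients share a domain.
    external = [r for r in recipients if split_address(r)[1] != internal]
    counts = Counter(split_address(r)[1] for r in external)
    thread_org = None
    if counts:
        top_domain, n = counts.most_common(1)[0]
        if n * 2 > len(external):
            thread_org = top_domain

    findings = {}
    for r in recipients:
        local, domain = split_address(r)
        if domain == internal:
            continue  # internal mail is out of scope for this check
        reasons = []
        if domain not in known_domains:
            reasons.append("never-emailed external domain")
            for d in sorted(known_domains - {internal}):
                if edit_distance(domain, d) <= 2:
                    reasons.append(f"look-alike of known domain {d}")
                    break
        # The autocomplete failure mode: the same person name exists at another
        # organisation the sender has written to, and this recipient is not part
        # of the organisation the rest of the draft is addressed to.
        elsewhere = domains_by_local.get(local, set()) - {domain}
        if elsewhere and domain != thread_org:
            orgs = ", ".join(sorted(elsewhere))
            reasons.append(f"same name also known at {orgs} (possible autocomplete pick)")
        if thread_org and domain != thread_org:
            reasons.append(f"outside the majority organisation {thread_org}")
        if reasons:
            findings[r] = reasons
    return findings


if __name__ == "__main__":
    draft = ["tom.chen@acme-client.com", "anna.krause@rival-bank.com", "jane.doe@example.com"]
    for addr, why in check_recipients(draft).items():
        print(addr, "->", "; ".join(why))
```

The check is deliberately conservative: a recipient who is known at two organisations is only flagged when the rest of the draft is addressed to somebody else, so routine mail to a client contact is not interrupted. In practice this sort of rule sits in a client add-in or an outbound mail gateway and prompts the sender rather than blocking outright.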
People break the rules
Employees can bend – or break – security rules when they have something to gain. It's important to recognize that often this isn't done with malicious intent. Instead, busy employees sidestep security protocols to get the job done more quickly – for example, they might skip encrypting an email if they or their recipient are in a rush and the encryption tool they have been given is cumbersome to use.
There is also deliberate exfiltration. A departing employee might take client data with them to their new job, or someone might leak data to a competitor for financial gain.
How to protect the human layer
Protecting the human layer requires a two-pronged approach that combines intelligent technology with security awareness and education. On the technology side, the answer to insider risk lies in solutions built on contextual machine learning, natural language processing, and data analytics. These products can detect highly targeted phishing that no filter has seen before, model each user's normal behavior so that errors such as a misaddressed email are caught before they happen, block deliberately risky actions, and protect sensitive data.
It's also important to empower employees through education, which reduces incidents caused by inadvertent or risky behavior and helps people spot malicious attacks. By engaging with employees and educating them on the security risks they encounter day to day, the company makes its people part of its security infrastructure and another powerful tool in the organization's defense.
Tony Pepper, chief executive officer, Egress