Behavioral psychologists could do better than IT professionals in stopping insider threats, said two IT security experts at a conference in JP Morgan’s London offices.

“This isn't just a technical issue. A huge amount of our problems relate to human issues,” said one of the researchers according to SC Magazine. The two cited a range of 120 independent cases from 2013 to back their claims. These studies found that 88% of the insiders were permanent employees and nearly half were in management.  Money was the primary motivator for 47% of the data leakers followed by another 20% doing it for ‘ideological’ reasons.

The experts pointed out that historically, most inside data leakers were narcissists – for example Edward Snowden and Aldrich Ames. However, their findings focused on malicious insider leaks -- not the accidental data leaks caused by well-meaning employees.

Before running out and adding a psychologist to the company payroll, it is worth thinking about the well-known connection between technology and psychology in data security.
Research by the CERT, the Software Training Institute of the American Carnegie Mellon University, has shown that an insider data breach is often preceded by behavioral signals and unusual use of IT resources. Departing personnel have a well-earned reputation for taking customer lists and other data with them to their new position.

While rooting out any narcissists might be a good idea, there are other, more workable ways to increase the level of data security in your organization.

    1. Monitor employee activity  for any anomalies in data use at the endpoint computer. These can be uncovered by drops in productivity or by changed behavior such as a sudden increase in file uploads.
    1. Regularly review employee access rights to sensitive data. Studies show that organizations tend to hand out access rights, but not take them away when employees change positions.


And yes, you can do both of these security steps with Safetica.

Author
Safetica team

Next articles

Data Loss Prevention, Guide for 2022

Data is a company’s most precious asset, from copyrights and client lists to sensitive information about employees. Most data is now in electronic form. It is created and accessed through software, databases, and other tools, making it vulnerable to loss and theft.

Infotech: Safetica Product Scorecard

Product scorecards prepared by SoftwareReviews covers Net promoter score and planned renewal rates, feature and vendor capability breakdown, version and module satisfaction levels and comparisons by organization size, usage, and role.

2021 DLP Data Quadrant led by Safetica

SoftwareReviews named Safetica as award winner in 2021 Data Loss Prevention Data Quadrant. Get the in-depth report with DLP vendors comparison bellow.