Behavioral psychologists could do better than IT professionals in stopping insider threats, said two IT security experts at a conference in JP Morgan’s London offices.

“This isn't just a technical issue. A huge amount of our problems relate to human issues,” said one of the researchers according to SC Magazine. The two cited a range of 120 independent cases from 2013 to back their claims. These studies found that 88% of the insiders were permanent employees and nearly half were in management.  Money was the primary motivator for 47% of the data leakers followed by another 20% doing it for ‘ideological’ reasons.

The experts pointed out that historically, most inside data leakers were narcissists – for example Edward Snowden and Aldrich Ames. However, their findings focused on malicious insider leaks -- not the accidental data leaks caused by well-meaning employees.

Before running out and adding a psychologist to the company payroll, it is worth thinking about the well-known connection between technology and psychology in data security.
Research by the CERT, the Software Training Institute of the American Carnegie Mellon University, has shown that an insider data breach is often preceded by behavioral signals and unusual use of IT resources. Departing personnel have a well-earned reputation for taking customer lists and other data with them to their new position.

While rooting out any narcissists might be a good idea, there are other, more workable ways to increase the level of data security in your organization.

    1. Monitor employee activity  for any anomalies in data use at the endpoint computer. These can be uncovered by drops in productivity or by changed behavior such as a sudden increase in file uploads.
    1. Regularly review employee access rights to sensitive data. Studies show that organizations tend to hand out access rights, but not take them away when employees change positions.


And yes, you can do both of these security steps with Safetica.

Author
Safetica team

Next articles

Microsoft Identity Platform: Introduction

Do you need a reliable identity management service for your application? Don't reinvent the wheel by coding your own. Try Microsoft Identity Platform. This article will introduce you to the service and give you information on how to start adopting it.

10+1 Tips to Secure Your Company’s Data on Business Trips

Do not forget about data security when you go on a business trip. Read our 10+1 tips and make sure your data and devices are safe.

Safetica picks up 9 badges in the G2 Fall 2022 Reports

We are proud to announce that Safetica received 9 badges in the G2 Fall 2022 Reports, earning 3 new badges over the summer reports.