Don’t miss Insider Threat Awareness Month

“During National Insider Threat Awareness Month, the key message for organizations is to take a hard look at their security practices around employee offboarding and data protection,” O’Connor says. “It’s not a matter of if, but when, an insider threat incident will occur. Companies can significantly reduce the risk and impact of these threats by proactively implementing the right people, processes, and of course technologies. Bottom line – protecting against malicious insiders should be a top cybersecurity priority all year round.”

Unstructured data most vulnerable

National Insider Threat Awareness Month is meant to remind us “not to underestimate the significance of risks from within – regardless of whether they are malicious or a result of negligence,” says Carl D’Halluin, CTO at Datadobi.

“For a clearer picture of just how significant, the 2023 Cost of Insider Risks Global Report by the Ponemon Institute revealed that in 2023, the average annual cost of an insider risk rose to $16.2 million per organization, while the average time to contain an incident extended to 86 days, compared to $15.4 million and 85 days in 2022,” D’Halluin said.

These kinds of statistics are staggeringly worrisome.

Surprisingly, it is unstructured data that is the most vulnerable because of its predominance, D’Halluin adds. Unstructured data “is the most difficult to manage, secure, and protect, and it often contains valuable and sensitive information making it rather attractive to those that wish to exploit it for personal gain or corporate sabotage,” D’Halluin says.

PDFs need robust protection

Even seemingly harmless data files – like PDFs – can invite insider threats, says DeeDee Kato, vice president of corporate marketing at Foxit.