Coming to terms with the Insider Threat

Yesterday I attended a FASTtalk CEO round table on the “The Threat from Within”. It’s interesting how important this subject has become following the spate of high profile data breaches over the last year. The threat has always been there, in fact, but the level of risk has increased substantially.

Potential spies, fraudsters and information brokers are always lurking in our organisations. They just don’t show themselves. But decades of progressive centralization, mergers and outsourcing have now made huge amounts of valuable data available to ordinary staff and contractors. It’s like putting large amounts of cash in the hands of ordinary people. The potential for error and the temptation to steal is so enormous that visible breaches are inevitable.

But incidents and risks have been building for many years. We just haven’t noticed them because incidents haven’t been properly uncovered, recorded or publicised. Organisations lose hundreds of laptops a year. Large procurements attract fraud. And valuable trade secrets attract espionage. It’s a healthy sign that at last we’re beginning to recognise these unpalatable facts.