Just how damaging would an internal security breach be to an organisation? It’s hard to say. The trend of data breaches being reported in the media as ‘hack attacks’ and external threats needs to stop. Internal threats are real and further, they are more prevalent and need to be reported as so. We need to encourage organisations to consider their internal protocols and not only focus on external factors. The publics ability to trust an organisation that is breached internally is going to be hindered exponentially.
In the recent article by Consultancy UK, internal attacks were ranked as the most frequent in the organisations they studied. Whilst it is to be accepted that breaches will occur, internal and external, organisations must do more to show they are prepared.
Take Amazon, for example, this tech/retail/everything giant has vast amounts of customer data, that data is one of its biggest assets. Yet, the organisation is now having to launch an investigation into the possibility that Amazon staff have been selling customer data. With over 500,000 employees worldwide, we sympathise with the strenuous task that is maintaining internal security protocols. Yet, they are an example to us all that no matter who you are, you are at risk.
Some people may react blasé to the Amazon data breach, but what if that data was financial? Say your bank account… The SunTrust in America recently had to inform 1.5 million customers that some of their personal data may have been stolen by a malicious insider.
When searching online for internal breaches you will find reams of information and reports, so why is this not making it mainstream? The general public appears still to be imagining young people in hoodies ferociously typing at keyboards to steal data. Whilst this may be an issue, it is not the biggest one.
However, this article is not designed to criticise the media, but to get you and others in your organisation thinking about internal breaches. What are your protocols? What do you have in place?
If you would like to speak to us about how we have supported a variety of organisations in handling both internal and external breaches, get in touch now.
- 15th July 2019Third Party Data Protection
- 10th July 2019Two Fines in Two Days – ICO Plans to Fine Marriot £99m
- 10th July 2019ICO Issues A Record Fine for BA
- 2nd July 2019Do You Have True Visibility of Your Data?
- 18th June 2019Reduce Your Exposure to a Data Breach
- 15th May 2019Organisations Relationship with Cybersecurity and their Workforce – In Scope
- 9th May 2019Subject Access Requests
- 1st May 2019Data Discovery
- 26th April 2019Defence In Depth
- 23rd April 2019IT Systems Impact On Staff Wellbeing