Remote Insider Data Theft Worries Financial Industry
As the pandemic rages on, more companies are concerned about the growing risk of insider theft
Remote work has changed the cybersecurity landscape and has required IT and security staff to rethink where the greatest risks are with a WFH employee base versus onsite. A year ago, who would have thought that VPNs and their vulnerabilities or videoconferencing and Zoom bombing would have even considered a cyberthreat?
But even as some risks have changed, others have stayed the same, if not a little more pronounced. The concerns about COVID-19-related phishing attacks continue to loom large, even eight months into the pandemic, for instance. But one area of risk that hasn’t gotten a lot of attention is the insider threat and data theft.
Remote Worker Threat
Insider threats have been traditionally categorized as accidental or malicious, but now a new category—remote worker—has been added.
“In addition to connecting to the corporate network through a potentially non-secure home or public network, these employees may also be using personal devices that were not procured, configured and secured by IT, further compounding the problem,” Renee Tarun, deputy CISO and vice president, information security at Fortinet, wrote. “There is less oversight and fewer restrictions in a work-from-home environment, which, unfortunately, can lead to relaxed attitudes around security.”
The relaxed security has led to an increase in insider threats during pandemic WFH period, as the number of workers bypassing security protocols has skyrocketed, according to a study from DTEX Systems. Another remote insider threat increase is from data theft, as 72% of companies reported data theft of intellectual property from off-boarding employees.
Concerns Surrounding Financial Data
It isn’t just intellectual property theft causing concern. Any data theft is worrisome, and it is much easier to occur in remote work, where it is easier to do without getting caught. Workers can bypass VPN connections to gain access to the network, or they can download data to the personal device they are using or share the data from one device to another. Who would know, without careful monitoring?
That’s exactly the type of problem that organizations are worried about, according to a new study from Netwrix. According to the “2020 Netwrix Cyber Threats Report,” “66 percent of respondents are anxious about the possibility of data theft by employees (increased by 12 percentage points [from the last report]).”
The study also found that the financial industry showed the most drastic changes in cybersecurity priorities, with an increase of organizations prioritizing deliberate data theft, more than doubling from 30% pre-pandemic to 70%. However, concerns about accidental data sharing dropped to 50% from 80% of companies.
The hectic and challenging switch from onsite to remote work heightened awareness of cyberthreats caused by WFH insiders. Nearly one-third of financial organizations believe there is a greater cybersecurity risk now than they were pre-pandemic, and almost two-thirds are concerned about both more frequent cyberattacks and the security gaps caused by remote work.
“In the financial sector, concern about malicious access to sensitive data skyrocketed in the first few months of the pandemic, more so than in any other vertical. However, the majority of incidents at financial organizations during that period were actually caused by the human element. To minimize both malicious and inadvertent data loss, this industry should heed cybersecurity experts, who recommend combining regular end-user training with flexible solutions that can proactively identify and protect sensitive data and spot attacks before they become breaches,” said Ilia Sotnikov, VP of product management at Netwrix, in a formal statement.
Deterring Remote Insider Data Theft
Steps such as better cybersecurity awareness education and security teams improving their overall surveillance operations—or at least returning to the standards of the onsite work ethic—will help reduce cybersecurity risks. Deterring data theft takes a little more strategy. Actions such as encrypting sensitive data when at rest and preventing employees from downloading sensitive data to personal devices will help. Tightening access credentials will ensure that employees are limited to what data they can see or use. And monitoring for unusual behaviors and activity will alert security and IT that they may want to investigate the situation a little deeper. Yes, people may be working odd hours during WFH, as they balance work life and home life from one location, but the company should be notified if there is going to be changes in the schedule.
Remote work is going to continue. Insider threats are going to continue. So organizations need to plan how they will not only protect from cyberthreats but also from data theft.
