Accounting for Law
Legal Suppliers

The growing security risk to organizations from ‘insiders’

Organizations need to be increasingly vigilant about protecting their financial and proprietary data because of risks from employees or others with insider information, Jim Downs, managing director of MKD International Inc., tells Forensic Accounting and Fraud, a special supplement published by The Bottom Line and The Lawyers Weekly.

“An insider is usually but not always an employee, and what they’re after may be money but is more likely to be proprietary information of some kind, such as financial data, client lists, product designs or trade secrets,” Downs says.

Those with insider information include contractors and other business partners with access to the organization’s data, says the article. 

“Insiders who threaten an organization may be acting maliciously or they may be unwitting parties to a security breach, perhaps by mistakenly e-mailing confidential data outside the organization or by inadvertently downloading ransomware, allowing an outside attacker to take over the privileges of an inside account,” says the article. 

A 2016 study conducted by the Ponemon Institute and sponsored by the company, Varonis, highlights the extent of insider threats, says the article. Surveying organizations in the U.S. and Europe about how well they protect their corporate data, it found that 75 per cent of organizations reported being the victim of a loss or theft of important data over the past two years — that was up from two-thirds of organizations surveyed in a 2014 report, it says.

“Ponemon also found that 88 per cent of end users said their jobs required them to access and use proprietary information, again higher than 76 per cent two years earlier. However, 62 per cent said they had access to company data they probably shouldn’t see,” says the article. 

Downs, a retired Toronto police detective who co-founded the investigative firm MKD, says when an insider threat is suspected, “there are ways of flagging cyber intrusions.

“You can track their activity if management thinks something odd is going on,” he says. 

Downs says that as security measures evolve, the techniques used by the attackers do as well. He notes that the root cause of the problem hasn’t changed: “It all comes down to people,” he says. “People and money.” 

To Read More MKD International Inc. Posts Click Here
Lawyer Directory
New Media Forensics (keep up until June 30, 2019)Toronto Lawyers Association (post to 6.30.19)MKD International (post until Sept. 30/18)Feldstein Family Law (post until May 31/19)Lexop VR Law/Victoria Romero (post until June 30/19)Benson Percival Brown - Flat Box Ad Unit - 300x125Leanne Townsend