Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Advertising and Sponsorship
    • Profile & Readership
    • Contact Us
    • Latest News
    • Privacy & Cookies Policies
    • Terms of Use
    • Advertising Terms
    • Issue 81
    • Issue 80
    • Issue 79
    • Issue 78
    • Issue 77
    • Issue 76
    • Issue 75
    • Issue 74
    • Issue 73
    • Issue 72
    • Issue 71
    • Issue 70
    • View All
    • About the Awards
    • Awards Timetable
    • Awards Winners
    • Submit Nominations
    • Testimonials
    • Media Room
    • FAQ
    • Asset Management Awards
    • Brand of the Year Awards
    • Business Awards
    • Cash Management Banking Awards
    • Banking Technology Awards
    • CEO Awards
    • Customer Service Awards
    • CSR Awards
    • Deal of the Year Awards
    • Corporate Governance Awards
    • Corporate Banking Awards
    • Digital Transformation Awards
    • Fintech Awards
    • Education & Training Awards
    • ESG & Sustainability Awards
    • ESG Awards
    • Forex Banking Awards
    • Innovation Awards
    • Insurance & Takaful Awards
    • Investment Banking Awards
    • Banking Awards
    • Banking Innovation Awards
    • Digital Banking Awards
    • Finance Awards
    • Investor Relations Awards
    • Leadership Awards
    • Islamic Banking Awards
    • Real Estate Awards
    • Project Finance Awards
    • Process & Product Awards
    • Telecommunication Awards
    • HR & Recruitment Awards
    • Trade Finance Awards
    • The Next 100 Global Awards
    • Wealth Management Awards
    • Travel Awards
    • Years of Excellence Awards
    • Publishing Principles
    • Ownership & Funding
    • Corrections Policy
    • Editorial Code of Ethics
    • Diversity & Inclusion Policy
    • Fact Checking Policy
    • Financial Awards
    • Private Banking Awards
    • Private Banking Innovation Awards
    • Retail Banking Awards
    Original content: Global Banking and Finance Review - https://www.globalbankingandfinance.com

    A global financial intelligence and recognition platform delivering authoritative insights, data-driven analysis, and institutional benchmarking across Banking, Capital Markets, Investment, Technology, and Financial Infrastructure.

    Copyright © 2010-2026 - All Rights Reserved. | Sitemap | Tags

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    1. Home
    2. >Business
    3. >Insider threats should remain a real concern for businesses as criminals look for ‘easy access’
    Business

    Insider Threats Should Remain a Real Concern for Businesses as Criminals Look for ‘easy Access’

    Published by Gbaf News

    Posted on May 29, 2020

    5 min read

    Last updated: January 21, 2026

    Add as preferred source on Google
    This image highlights the concept of insider threats to businesses, emphasizing the risks of employee mistakes in data security as discussed in the article about protecting sensitive information.
    Illustration of insider threats in business security - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    By AJ Thompson, CCO at Northdoor 

    Recent report from the Ponemon Institute highlights this concern with business leaders more concerned about accidental insider threat than hacking

     The threat of employees accidentally giving cyber criminals access to sensitive data remains a real problem for organisations. For years the old adage of employees remaining your weakest link has remained true and a recent report from the Ponemon Institute has backed this up.

    The 2020 Global Encryption Trends Study has shown that 54 percent of respondents identified employee mistakes as the top threat to sensitive data, by far the biggest threat with system or process malfunction (31 percent) and hackers (29 percent) following someway behind.

    The fact that employees remains the biggest threat is a real issue. It means that employees have not fully embraced or learnt to take security practices seriously, organisations have not effectively communicated the importance or cyber criminals have continued to enhance their weapons to gain access. It is of course a mixture of all of these things, but organisations have to find ways to better protect sensitive data from this threat. The stakes have never been higher.

    The cost of the Insider Threat and data exposure

    The importance of protecting data is now so high profile, any loss of data is a national story. The public, politicians and regulators now have such a good understanding of the value of data that every company holding data is under huge scrutiny.

    The financial cost is bad enough. Again, the Ponemon Institute in its 2018 Cost of Insider Threats study showed that the average cost of an insider-related incident is around $513,000, with insider-related incidents costing companies up to $8.76 million a year. It is not just a financial concern though.

    The introduction of regulations such as GDPR has thrown data into the spotlight like never before. The public and particularly the media now have a full understanding of its value and the importance of securing it. Therefore, any breach makes front page headlines, causing huge damage to the company, no matter how the data was exposed.

    Communicating the threat

    Communicating the importance of data and securing it has to be high on an organisation’s agenda, alongside finding technological solutions to combat it. The key is how you communicate. Bringing employees along the journey of implementing new technology and highlighting the importance of following security policies is crucial

    The amount of resource implemented to combat the threat of malicious outsider threats become a waste of time if your employees are leaving the door open anyway. Buy-in is crucial.

    Part of gaining this buy-in is industrialising the process of data protection. Taking away the emphasis on individuals and manual processes and automating data collection and protection is a crucial step to secure employee buy-in.

    By emphasising the importance of sticking to security guidelines and being aware of the latest threats and the methods that criminals are using to infiltrate infrastructure, as well as bringing them on the journey of implementing new technology, ensures that employees are more aware of doing the right thing at the right time.

    The impact of COVID-19

    The impact of the coronavirus is likely to impact the nature of the accidental insider threat. The fact that individual mistakes were happening inside the corporate environment where security was heightened and the IT/security teams could keep a closer eye on activity, means that in the new reality we are all living in, where more people than ever are working at home, and are likely to continue to do so, the threat is greater than ever.

    Insecure broadband connections, a more relaxed attitude to security practices with individuals more tempted to open links and emails that they might not have in the office, and away from the eyes of the IT department and yet still connected to the corporate infrastructure, all means that this is a vulnerable moment for many companies.

    It is this accidental insider threat that is so difficult to deal with, especially away from the corporate environment. With the working from home trend very likely to remain after the threat from COVID-19 fades away, companies have to work out better security practices that incorporate the challenges working from home bring.

    Again, automating the process of data protection will help with this the working from home trend, but securing buy-in from employees remains critical.

    Don’t just tick the regulatory boxes, be secure

    The regulatory landscape around data is an increasingly complex one. The introduction of GDPR is a great example of where regulations are being introduced to combat the threat of data breaches. It is also a good example of how companies are rushing to ensure that they adhere to such regulations. The sheer panic caused by GDPR with companies rushing to tick the boxes of adherence was there for all to see.

    However, companies should not be thinking “are we compliant” but rather, “are we secure’. There is a difference, regulations cannot be introduced at the speed criminals can implement new, sophisticated technology to gain access. By being compliant you are only as secure as the threat was at the time the regulations were drawn up; it is likely the criminal is already two or three steps ahead.

    Being proactive and ensuring best practice security measures are introduced, over and above the regulatory requirements, means that the threat of the accidental insider actions are somewhat nulled, whilst preparing organisations for future regulations.

    We are living through unprecedented times, but as we have seen this seems to act as an incentive for cyber criminals to up their activity. This, alongside, more employees than ever working at home, away from corporate environments, means companies have to be on the front foot. Being proactive in their approach, ensuring that employees are fully brought in, whilst industrialising data processes and security will be crucial over the coming months.

    More from Business

    Explore more articles in the Business category

    Image for The Power of Pricing: How Smart Pricing Strategies Drive Profitability and Growth
    The Power of Pricing: How Smart Pricing Strategies Drive Profitability and Growth
    Image for Why Customer Experience Now Defines Success
    Why Customer Experience Now Defines Success
    Image for The New Cost Playbook: Why Strategic Spending Matters More Than Cutting Costs
    The New Cost Playbook: Why Strategic Spending Matters More Than Cutting Costs
    Image for The Trust Economy: Why Credibility and Transparency Are Driving Business Success
    The Trust Economy: Why Credibility and Transparency Are Driving Business Success
    Image for The Hidden Profit Engine: Why Operational Efficiency Is Redefining Business Performance
    The Hidden Profit Engine: Why Operational Efficiency Is Redefining Business Performance
    Image for Built to Withstand: Why Resilience Is Now the Foundation of Sustainable Business Growth
    Built to Withstand: Why Resilience Is Now the Foundation of Sustainable Business Growth
    Image for The Agility Imperative: How Fast-Moving Businesses Are Outpacing the Competition
    The Agility Imperative: How Fast-Moving Businesses Are Outpacing the Competition
    Image for From Instinct to Insight: The Shift to Data
    From Instinct to Insight: The Shift to Data
    Image for Growth Without Chaos: How Businesses Can Scale Efficiently and Sustainably
    Growth Without Chaos: How Businesses Can Scale Efficiently and Sustainably
    Image for From Spreadsheets to AI: The Future of Cash Flow Forecasting for SMEs
    From Spreadsheets to Ai: The Future of Cash Flow Forecasting for SMEs
    Image for Apply Now: Best Leadership Development Program 2026
    Apply Now: Best Leadership Development Program 2026
    Image for The Role of Education in Building Retirement Confidence
    The Role of Education in Building Retirement Confidence
    View All Business Posts
    Previous Business PostBusiness Casuals for Women
    Next Business PostSecurity Risk From Remote Workers Is a Problem for HR as Well as IT