BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

People are Less Forgiving of Insider Threats than Outside Hacks

Posted April 6, 2012    Peter McCalister

A new study says that people are more likely to file a lawsuit against a company that experienced a data breach if that breach was the result of unauthorized disclosure or disposal of data than if the breach happened due to an outside hack. The study, titled Empirical Analysis of Data Breach Litigation, says “plaintiffs respond more to the careless or negligent handling by a firm of their personal information than to a firm’s inability to withstand a cyber-attack.”

As this research indicates, people are less tolerant or forgiving of missteps or carelessness with the handling of sensitive information internally, which should be a red flag to any company that has yet to institute identity and access management policies. Human nature is capricious and mistakes are inevitable – it’s unfortunate, but because these are indisputable characteristics of people companies are liable for taking the proper precautions to protect sensitive data.

The study also showed the chance of a lawsuit was 9.7 percent higher if the breach exposed financial information, while breaches involving social security numbers were negatively correlated with lawsuits, though the effect was relatively small at 2.4 percent. Any medical data or credit card data had no effect on the probability of litigation.

Regardless of what type of information your company has, be it sensitive customer data, or your own intellectual property, having the right insider threat protection policies can be the difference between forgiveness and a lawsuit.

Leave a Reply

Additional articles

randy franklin smith

At the End of Day You Can’t Control What Privileged Users Do: It’s about Detective/Deterrent Controls and Accountability

Posted March 31, 2015    Randy Franklin Smith

Live Webinar: Thursday, April 2, 2015 | 10am PT/1pm ET | REGISTER NOW! In this webinar, Security Expert Randy Franklin Smith will look at how to audit what admins do inside Linux and UNIX with sudo’s logging capabilities.

Tags:
, ,
BA_Hacked

British Airways Executive Club Member Accounts Hacked

Posted March 30, 2015    Brian Chappell

British Airways has released information regarding the hacking of a number of their Executive Club (BA’s frequent flyer programme) member’s accounts.

Tags:
, , ,
webinar_ondemand

On Demand Webinar – Why You Still Suck at Patching

Posted March 27, 2015    Lindsay Marsh

On Demand Webinar: Dave Shackleford recounts some of his personal experiences in patch management failure, and breaks down the most critical issues holding many teams back from patching more effectively.

Tags:
,