– 36% of the respondents conveying ‘worry about the security threat from financially strapped employees’.
‘With more sophisticated technologies at their fingertips and increased access to data, it has become easier for current employees and other insiders, such as contractors, consultants, suppliers, and vendors, to steal information. Data thefts by insiders tend to have greater financial impact given the higher level of data access, and, when combined with the affect of today’s economic realities on IT security spend, this could mean even greater financial risk to corporations’. (Tim Shimeall, Carnegie Mellon University’s CERT/NetSA)
Ultimately, financial information becomes a recognized and sought after currency for employees. It presents much greater incentives (for employees – insiders of all stripes) to steal valuable, proprietary, competitive advantage information and data for (a.) personal financial gain, (b.) to try to improve their job opportunities by ‘peddling’ it to unscrupulous or naïve competitors, or (c.) to literally start companies of their own by using the knowledge and insight they gained (stole) from their former employer.
In addition, the substantial cutbacks in company travel have, for all practical purposes, significantly curtailed or altogether ended on-site visits, inspections, personnel training, and audits for safeguarding a company’s sensitive information assets. We can assume that in many instances, security practitioners are adapting to those realities by de-centralizing and delegating their ’information asset protection and oversight’ role to on-site personnel.