A Data Spill, or Data Leak, is the accidental or deliberate exposure of information into an unauthorized environment. Data spillage is often the result of hackers breaking into company networks and systems who then steal sensitive information to sell on the Dark Web. Sensitive information can includes things like Social Security Numbers, credit card numbers, banking information, health information, or login credentials (usernames and passwords).
Accidental Insider Threats to Critical Data:
While hackers can put critical data in the wrong hands, employees can too. Employee caused “data leaks” can be accidental such as when an employee mistakenly exposes critical or sensitive data to the Internet. These incidents may occur with zero malicious intent making the incident accidental in nature. Yet, they can still be very damaging to the company in question. Examples abound of accidental insider threats to your critical data. For example, when an employee:
- accidentally deletes an important document
- falls victim to a spear-phishing attack introducing ransomware into a company’s network
- accidentally shares more information with a client or 3rd party than they are legally allowed to
Purposeful Inside Threats to Critical Data
On the other hand, some employee based data exposure events are entirely purposeful. Disgruntled employees can plant logic bombs that destroy data following termination. Other employees may need cash for some addiction (gambling, drugs, or sex for example), and may seek to sell your companies trade secrets to the competition for cash.
Source: Cyber.Gov.Au, NIST
Related Terms: Accidental Insider Threat, Hackers, Phishing
Amazon Investigating Employee Data Theft
What Should SMB’s Do?
SMBs are victims of too many cyberattacks. These breaches lead to reputation and financial damage for the SMB. The best way to reduce the likelihood of a Data Spill, through hackers or a disgruntled employee, is by educating your staff on best practices. Aware employees are more capable of identifying risky situations that could lead to a breach. They’re more likely to spot strange behaviors by employees who might be stealing data.
Educating your staff to be vigilant in watching for inside threats or mistakes is a critical piece of your SMB cybersecurity awareness program.
Here are a few prevention tips to reduce the risk of this happening:
- implement the Principle of Least Privilege by removing admin rights from employees operating windows computers
- monitor computer systems to see where data is coming from and who is accessing it
- implement Data Loss Prevention technologies on your email systems to spot critical and sensitive data leaving your business via email
- train employees on the cybersecurity basics
- phish test employees to keep them vigilant in their inboxes
- govern staff with policies to guide behaviors and independent decision making
- regularly backup all your critical data using the 3-2-1 approach
There are other steps one can take, but the above actions represent a good starting place for SMB owners to building a strong cybersecurity program. With awareness comes better security.