Shield Your Business From Cybercrime by Countering Threats From Within

While it’s hard to estimate the cost of cybercrime, experts agree the number is massive, and on the rise.

“The global figure has been put at around $200 billion annually,” said Kurt Baumgarten, head of Information Security & Technology Management at Linedata in Boston, in an interview with Forbes. “Or, looking at it from the retail level, $670 million in associated costs through theft, time loss, identify theft, etc.”

For business leaders, the temptation is to look for threats of any kind as coming from external sources — people you don’t know trying to rip you off through unscrupulous and criminal methods. But by neglecting internal threats — whether accidental or intentional — you could be putting your business at a much higher risk for cybercrime.

In some cases, internal threats have climbed to never-before-seen levels. Business Insider recently reported on a bold move by hackers in Ireland: trying to bribe Apple employees in an attempt to gain access to the corporation’s data. The offer? More than $20,000 in exchange for valid login credentials.

That approach may be unconventional, but it’s not unthinkable that an employee could open the door to a security breach. In one notable internal hacking incident, a Morgan Stanley adviser allegedly gained personal data on thousands of the company’s clients, with some of that data ending up online.

“All too often when people think of cybersecurity, they are thinking of a hacker or a virus,” said Brian Edelman, chief executive of Financial Computer Services, a company that works primarily in cybersecurity, in an Investment News article. That misguided view continues to cripple businesses of all kinds, in every industry.

Protective measures businesses must take against insider cyber threats include:

• Conduct an analysis to determine data security vulnerabilities.
• Classify data that need different layers of protection.
• Develop a loss prevention plan.
• Develop security measures that restrict access to critical data.
• Use data loss prevention technologies that allow for real-time network activity monitoring, and system status monitoring for internal and external activity.
• Limit employees who have access to different types of data.
• Implement system-wide encryption.

As data threats evolve, we invite you to sign up for monthly updates and insights on how to best protect your business and the data under your care.

• Infographic: The 22 Data Center Compliance Acronyms You Need to Know
• White Paper: Why Data Center Compartmentalization is Important
• Lifeline One Sheet: What You Need to Know About Lifeline Data Centers

Rich Banta

Managing Member at Lifeline Data Centers

Rich is responsible for Compliance and Certifications, Data Center Operations, Information Technology, and Client Concierge Services. Rich has an extensive background in server and network management, large scale wide-area networks, storage, business continuity, and monitoring. Rich is a former CTO of a major health care system. Rich is hands-on every day in the data centers. He also holds many certifications, including: CISA – Certified Information Systems Auditor CRISC – Certified in Risk & Information Systems Management CDCE – Certified Data Center Expert CDCDP – Certified Data Center Design Professional