Reducing Cybersecurity Threats from Employee Conduct

Q.  What can my company do to reduce the threat that one of our employees may cause a cyberattack?

A.  In September 2017, Equifax announced that hackers had gained access to the confidential information of more than 145 million consumers, almost half of the U.S. population.  Recent cases suggest that employers could be subject to liability when one of their employees causes a data breach by either knowingly or negligently revealing sensitive employee or customer data. In March 2016, for example, Snapchat announced that someone posing as the company’s chief executive officer obtained employee payroll data about 700 employees. More than seven other companies were tricked by similar phishing attacks that same year.

Companies often are surprised to learn that their biggest security threats come from their own employees. These risks range from the use of weak passwords to clicking on corrupt internet links to theft of sensitive data. The risk a cyberattack also extends to mobile devices accessed from employees’ homes.

There are several things that employers can do to tighten controls on their data.  For more information on how to tighten employee security, read here.

–Tracey E. Diamond