In the News
Many company breaches occur as a result of outside attackers, but this is not always the case. In No Smiles for Coca-Cola After Data Breach, Kacy Zurkus discusses a breach of employee information caused by a former employee stealing a company hard drive. Zurkus explains that Coca-Cola does not believe that the information was used in a malicious way, but is offering free identity monitoring services regardless.
Our Take
It’s easy to forget, amongst all the news of foreign hackers and dark web sales, that insiders often pose the greatest threat to company data. Employees are already on the other side of many of the controls a company puts in place to protect its assets, which means that both mistakes and intentionally malicious activities have a greater chance of compromising data. Companies must provide employees with the appropriate level of access to do their jobs, but also ensure that there is sufficient oversight to detect and prevent actions that could result in the loss of data confidentiality or integrity.
Recommendations
There may not be much you can do to influence a company’s internal processes aside from taking your business elsewhere–and no company is free from risk when it comes to cybersecurity. Staying up-to-date on security breaches and following a company’s response is key to ensuring that you are in a position to act if your data has been exposed.