October 26, 2017
Senior Analyst Joseph Blankenship discusses insider threats — how accidental and malicious misuse of company data threatens business performance and customer trust.
Joseph Blankenship, Senior Analyst
When we think corporate risk, we mostly think about cybersecurity and the growing risk from external threats — individual hackers, professional hacking organizations, and even nation-states. These high-profile risks have caught our attention and imagination.
We need to pay more attention to insider threats.
The release of confidential intellectual property (IP) or data can damage a firm’s prestige and reputation or destroy customer relationships and financial results. Edward Snowden, Reality Winner, WikiLeaks, and the Google versus Uber battle represent four front-page occurrences of insider theft and release of IP and data that placed a nation or companies at risk. What’s noteworthy about these examples is the simplicity of the act and the vibrancy of the market to sell the IP or data. The acts themselves were not terribly technical or elaborate; they didn’t require any preexisting infrastructure to execute. The market — whether it was the currency of disclosure or monetization — was immediate, global, and easy to access.
These examples also shine a light on the dark side of employee experience, ecosystems, the gig economy, and other human and business models now in vogue. Companies are giving more tools, access, and trust to employees, consultants, freelancers, and partners at a time when data and IP has become the fundamental currency of business. It makes perfect sense to create a business climate that can go fast, enable design thinking, and create value across ecosystems, but it also creates enormous risk.
In this episode, Joseph Blankenship discusses the current state of insider threats and the systems, processes, and mindset to confront risks while also putting appropriate energy toward new business models underpinned by data as currency.