APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Managed Services
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Managed Services

    Procurement

    Smart City

    Workflow

Menu
    • IBM
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    Editor's Pick (1 - 4 of 8)
    left
    Beautifully Autistic - Enabled To Make A Difference What Did My Children Teach Me About Life, Business, And Innovation?

    Ahmed Abukhater, CIO - Chief Innovation Office Boeing

    Fusing Business and Technology to Create Value

    Bob Hennessy, Group CIO, Lendlease [ASX: LLC]

    Data Security across the Enterprise

    Kas Nader, CIO & SVP of Global Technology, Atlanticus Holding

    Evolving Data Security Involves Database Architecture

    Tom Basiliere, CIO, Provant

    Hybrid Intelligence

    Sharam Hekmat, CIO, IOOF Holdings, Australia

    New Technologies bringing Revolution to Remote Access Solutions

    Vijender Yadav, Director & CTO, Propalms Network

    Using digital simulation to inform sustainable growth

    Shaun Nesbitt, Chief Digital and Information Officer, Urban

    Dyno Nobel A Dose of Our Own Medicine

    Sabina Janstrom, IT Director,Dyno Nobel.

    right

    Data Breach Threats Lurk Within

    Steve Doston, CISO & VP, First Advantage

    Tweet
    content-image

    Steve Doston, CISO & VP, First Advantage

    Almost every day, the media has a report of a cyber security breach. Target, Home Depot, Sony Pictures, Internal Revenue Service, the U.S. Government, big banks, hotels, and supermarkets have all been victims of cyber attacks. Recently a major league baseball team was accused of hacking a rival team’s data in a case of corporate espionage.

    "First Advantage conducted a survey of 337 professionals including human resources, risk management, and C-suite executives about their attitudes toward internal and external security threats"

    Billions of dollars are lost, reputations are damaged, and business is left disrupted in the wake of data breaches. And while the big names make the news, small businesses are proving to be equally vulnerable. A survey of 675 small businesses by the National Small Business Association found that half of them have been victims of information theft in 2014.

    The war against electronic data theft is being fought on two fronts, although one front makes more headlines than the other. External threats generate a lot of attention and rightly so. Online hacking rings and foreign governments are constantly scouring targets, sometimes making off with millions of records–credit card information, health records, employee data, and other personal information. However, the ongoing battle which is overlooked deals with intrusion from within the inside of organizations.

    A 2014 report from the Ponemon Institute, a research center dedicated to privacy and data protection, claims that 15 percent of the time, a trusted insider with malicious intent was the root cause of a data breach.

    A 2012 report from the Software Engineering Institute on Mitigating Insider Threats puts that figure even higher, stating that 21 percent of cybercrimes were committed by insiders.

    Workforce Screening for Better Data Protection

    The Computer Emergency Response Team (CERT) Program from Carnegie Mellon University’s Software Engineering Institute recommends using the hiring process as a starting point for mitigating insider threats. Measures such as background screening can help employers make trust-based hiring decisions. In fact, First Advantage conducted a survey of 337 professionals including human resources, risk management, and C-suite executives about their attitudes toward internal and external security threats. Sixty percent of respondents said background screening of new employees is the most important security control that can be put in place to protect organizations from data breaches. Anti-malware ranked second (53 percent), followed by physical security and physical access controls (39 percent).

    Human Resources and Security

    Organizations need to determine where their information assets are, what value they have and who has access to them. Human resources and information security professionals within the organization should develop a policy framework about what factors are appropriate for background screening for specific positions. If an employee has access to credit card information or other personal identifiable information, a background check might include a national and county level criminal history in all areas a candidate has lived or worked. It may also include a check on financial information such as credit history or bankruptcy filing. Screening may even involve a check of terrorist watch lists.

    Many employers think that background screening ends when the new hire comes onboard. Unfortunately that can be a shortsighted and risky approach. Life happens and circumstances change. Young people are less likelyto have a criminal record or bad credit initially, but could incur debt over time that needs to be serviced, potentially increasing their risk to the organization. People also change positions and have access to different levels and types of data. Companies should have a solid standards-based policy framework that includes continuous monitoring and updating of background information through a periodic rescreening process. Fortunately, technology now allows for groups of employees to be rescreened all at once for a fraction of the cost of the original background check.

    Preventing Breaches through Vendors

    Company supply chains and third-party business partners are other vulnerable points for attack. The massive Target data breach was traced to a third-party heating, ventilating and air conditioning partner that was hacked. It is wise to make inquiries about whether contractors, suppliers, and staffing firms have robust policies in place regarding background screening in addition to technology-based solutions to protect against deliberate or inadvertent data breaches.

    The information age has changed the way we do business, but it has also created new risks that can lead to catastrophic losses. To ensure the greatest possible protection of valuable company information, organizations would be well advised to think about both internal and external threats, maintaining a thorough employee screening program along with tight IT security measures.

    tag

    Financial

    Information Security

    Physical Security

    Weekly Brief

    loading
    Top 10 IBM Solution Companies - 2019
    ON THE DECK

    IBM 2019

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    AI Adoption in Hospitality: Striking the Balance Between Innovation, Excellence and Trust

    AI Adoption in Hospitality: Striking the Balance Between Innovation, Excellence and Trust

    Phiphat Khanonwet, Head of IT, Onyx Hospitality Group
    The AI Rat Race - Keeping Up with New Technologies or Waiting for Maturity?

    The AI Rat Race - Keeping Up with New Technologies or Waiting for Maturity?

    Andreas Kurz, Global Head of Digital Transformation, ALFAGOMMA Group
    The Role Of Digitalization In Transforming Airport Customer Experiences

    The Role Of Digitalization In Transforming Airport Customer Experiences

    Kebebew Bulto, Director Addis Ababa Bole International Airport, Ethiopian Airlines
    From Chemical Solutions to Data Center Innovations

    From Chemical Solutions to Data Center Innovations

    Akmal Zharif Bin Abdullah, Datacenter Manager, Aeon Credit Service (M) Berhad [KLSE: AEONCR]
    Ethics & Compliance in a Digital World: Navigating HCP Engagement in APAC

    Ethics & Compliance in a Digital World: Navigating HCP Engagement in APAC

    Sherene Cham, Regional Director, Ethics & Compliance – APAC, Menarini Group
    How AI is Driving Innovation and Customer-Centricity in Insurance

    How AI is Driving Innovation and Customer-Centricity in Insurance

    Xinfa Cai, Chief Innovation Officer, AIA Group
    The Impact of Smart Infrastructure on Growing Cities

    The Impact of Smart Infrastructure on Growing Cities

    Scott Edward Sidhom, Manager Infrastructure Planning, Liverpool City Council
    Transforming Engineering through Data Science

    Transforming Engineering through Data Science

    Agus Jamaludin, Data Scientist Lead, Petrosea
    Loading...
    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://ibm.apacciooutlook.com/cxoinsights/data-breach-threats-lurk-within-nwid-702.html