In the third and final segment of our 'Employee Theft' series, IT Group experts, Jason Coyne and Tony Sykes, took part in a roundtable feature for Corporate Disputes magazine entitled 'Cyber Security and Employee Risks'.
In this article, our experts discuss the possible reasons behind this sudden surge and the strategies organisations need to adopt to enhance their internal cyber security.
CD: To what extent are you seeing a rise in cyber related employee theft? Are today’s companies at greater risk of discovering their electronic data has been copied or stolen?
Coyne: Employee theft has ballooned in the last year in particular. This is likely to be due to a number of technical and commercial factors. Perhaps the biggest technical factor is the rise of cloud-based management systems which allow users to access data from anywhere provided they have the correct credentials. Partner this with the fact that essentially everyone is now connected to the Internet via their mobile devices, and it is easy to see how a soon-to-be ex-employee could procure sensitive information for later use. It takes very little technical ability to access information in this way, and it is very difficult for firms to effectively protect against since the theft is being carried out by a ‘trusted’ source.
Sykes: Employee knowledge of forensic tools available to track down their misdemeanors is definitely lagging behind our capabilities and with mobile devices being the single highest means of stealing company data, ex-employees feel safe seemingly because they have the phone and we don’t. But we are assisting in many cases where locational data absolutely identifies the means by which company IP and data has been stolen. Combining this with more traditional cell site analysis and forensic data recovery and there are few opportunities to be assured of anonymity.
CD: In your experience, are malicious employees – who may be looking to harm a company or profit dishonestly from it – growing savvier about the value of business data they routinely handle, and the impact of its loss to a business?
Coyne: I don’t know whether or not such employees are growing savvier about the business impact of their actions, but they certainly seem to be growing savvier in terms of understanding the ease with which they can exploit cloud-based systems which are not tightly regulated.
We have dealt with a case in recent weeks where an employee had attempted to sell his employer's computer source code on one of the popular internet trading platforms. This caused significant concern as the source code had been licensed by his employer to many clients.
Sykes: I think this question is a natural segue from the first question. In my opinion knowledge and awareness is definitely lagging behind our capabilities to track and identify but there is definitely a greater understanding with regards to backups and recovery options. In a Crown Court case last year I had to track down and prove the perpetrator of a deletion, not only of the entire company’s database, but all their backups in a datacentre in London and their secondary cloud backups. While this was eventually done and most of the data was restored, the cost in real terms was very significant and while the Police did a very thorough and professional job, it was difficult at times to get the commitment from them because the view was (possibly quite justified) that no one was attacked, no one was killed - it was just data.
Read part 1 & 2 of the 'Employee Theft' series: