Security Expert: An insider with malicious intent who works for your organisation has already bypassed the majority of your security features without having to do anything other than log on to their desktop.
Databasable is an IT consultancy firm that provides database administration support and specializes in moving your databases and applications into the cloud. Founded by Marc Weaver in 2015, databasable uses his vast employment experience from large financial institutions in London, Sydney, and New York.
"Obviously a data security breach from an outsider will result in..."
Bad publicity, angry customers, legal issues, and loss of reputation. However, I believe this type of intrusion to be less than the threat from insiders.
An insider with malicious intent who works for your organization has already bypassed the majority of your security features without having to do anything other than log on to their desktop. This is compounded by the fact that due to cost cutting or poor management, employees often have multiple responsibilities that give them elevated access to sensitive data which results in a conflict of interest. For example, a developer who is also providing application support.
And not all data security threats occur due to malicious intent. I've witnessed the occurrence of numerous data issues due to mistakes made by people who are permitted to have access to the data in question.
All of this points to insiders being a greater threat than outsiders, even though the actual breach or end result may be less severe than an external breach.
Cleard.life: Check your pre-employment security standards and measures and make sure you have background screening process in place, which delves into security practices in the past, checking for financial pressure and mental health & holding grudges.
Source: 47 Security Experts weigh in the issue: https://digitalguardian.com/blog/insider-outsider-data-security-threats
More articles that maybe of interest: