The insider threat

The risk of experiencing a data breach is higher than ever before. That’s as true for municipalities as it is for for-profit companies. In this week’s blog for Cyber Risk Awareness Month, we will focus on the single biggest cause of data breaches and privacy violations: EMPLOYEES.

525966495The Ponemon Institute estimates that 43 percent of organizations in the U.S. suffered at least one security incident in 2014. A shocking number of these incidents were attributable to employees. According to the 2015 Data Breach Trends report from Experian:

Between human error and malicious insiders, time has shown us the majority of data breaches originate inside company walls. Employees and negligence are the leading cause of security incidents but remain the least reported issue. According to industry research, this represented 59 percent of security incidents in the last year

Currently only 54 percent of organizations report they conduct security awareness training for employees and other stakeholders who have access to sensitive or confidential personal information.

The Experian report concludes that reducing the number of breaches in 2015 will require organizations to pay more attention to raising the security intelligence of employees.

Cyber resourcesThe VMLIP eRiskHub portal contains vital information that can help you do just that. Among the resources available to you in the eRiskHub:

  • Guide to Best-Practices Security and Privacy Awareness Training, developed especially for eRiskHub by Skillbridge, LLC.
  • Quick videos on social engineering and other employee-related vulnerabilities:
    • Password Identity
    • Defending Against Bots
    • Social Media
    • Social Engineering
    • Ransomware
  • Two security awareness training classes that your employees can complete in 30 minutes or less:
    • Security Awareness for End Users (20 minutes)
    • Security Awareness for IT Professionals (30 minutes)

Don’t despair! While insiders (employees, sub-contractors, third-party vendors and other trusted agents) probably constitute your single biggest cyber threat, it’s a vulnerability that is relatively easy to address.

Take advantage of the free resources available to you in the VMLIP eRiskHub! Login now and visit the Security & Privacy Training section for more information.

466503451If you have not registered for the VML eRiskHub we recommend you do so today. Registering is free to all VML pool members.

Directions for accessing the VMLIP eRiskHub® are available here.

After registering, you can access the hub immediately using your newly created credentials in the member login box located in the top right of the page.

VMLIP offers more than just coverage.  We are partners in risk management. How does your insurer stack up?  Having all lines of coverage with VMLIP ensures that your organization is receiving comprehensive coverage and a wide variety of value-added services tailored to Virginia’s local governmental entities.  Call for a quote today: (800) 963-6800. For more information on VMLIP visit: or follow us on Facebook.

** VMLIP blog postings are offered for VMLIP members to utilize in strengthening their risk management efforts. See copyright information for clarification on sharing this information.