Connect with us

Hi, what are you looking for?


The root cause of insider threats rests with the company itself

Insider threats are a critical cybersecurity risk. How well are you in control?

Image: © AFP
Image: © AFP

The fintech company Block recently confirmed at data breach involving a former employee. The individual reportedly downloaded update reports from Cash App containing customer information.

A statement from Block (the company that was formerly known as Square): “While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were accessed without permission after their employment ended.”

Looking into the matter is Keith Neilson, Technical Evangelist at CloudSphere. Neilson explains to Digital Journal about the inherent risks arising from insider threats.

An insider threat refers to any form of malicious threat presented to an organization that arises from people within the organization. This includes current employees, former employees, contractors or business associates. In each case these individuals have some form of inside information concerning the organization’s security practices, data and computer systems.

Neilson  explains the essential nature of the risk: “Insider threats are a critical cybersecurity risk. In this case, a former employee at Block secured access to confidential reports following their departure from the company.”

However, the root cause rests with the system design, as Neilson explains: “When companies lack visibility into their IT infrastructure, employees and former employees often have extended access to sensitive company data, opening the door to both malicious and accidental cybersecurity incidents.”

This comes to planning and resourcing. Here Neilson recommends: “To ensure the right personnel have access to the right data, it is crucial that companies establish an agile cyber asset management strategy. This begins with taking inventory of all cyber assets within the IT environment to establish clear, real-time visibility of the attack surface.”

In conclusion, Neilson says: “From there, companies can effectively implement and enforce security guardrails while managing access to ensure company data does not fall into the wrong hands.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:


The Supreme Court is attempting to undermine the federal regulatory state established by Congress.


Worshippers from across the world have packed the streets of Mecca as Islam's holiest city prepares to host the biggest hajj pilgrimage.


Rescuers warned Monday that hope of finding survivors was diminishing after an avalanche set off by the collapse of an Italian glacier.


The city is still living in slow motion, even though Russian troops withdrew from the outer northern and northeast suburbs three months ago.