The case of Bradley Manning, the U.S. soldier convicted of the biggest breach of classified data in the US history by providing files to WikiLeaks, highlights how employees can pose a major vulnerability to the internet security.
In 2010, Manning turned over more than 700,000 classified files, battlefield videos and diplomatic cables to WikiLeaks, the pro transparency website, in a case that has commanded international attention. Manning was sentenced to 35 years in prison on Wednesday and this sentence is unprecedented in its magnitude for providing secret material to the media. Please click on the link to read more in the Toronto Sun article: Bradley Manning sentenced to 35 years in WikiLeaks case
This case shows how some of the most damaging cyber-attacks involving deliberate policy violations come from within the business, in ways that many employers overlook when it comes to their cyber security. It’s an employer’s worst nightmare—an employee is dissatisfied with his or her job and decides to defraud or steal from the company. Employees can cause enormous damage by committing these crimes.
According to a 2012 occupational fraud report by the Association of Certified Fraud Examiners (ACFE), the typical organization loses 5 per cent of its annual revenue to fraud. It also reported that the median loss caused by fraud was $160,000. For a small company, this could mean the end of the business. Small businesses are more at risk because owners inherently treat their employees like family, leading to complacency and lax security measures. Small businesses also tend not to have anti-fraud measures in place as many lack the knowhow and enforcement capabilities of larger businesses. Nearly half of victim organizations do not recover any losses that they suffer due to fraud.*
ABEX has partnered with WatSec to provide employee security awareness training as part of our Cyber Risk Management Program. The security awareness training prepares every staff member with the critical skills necessary to work productively while being vigilant for potential security threats.
*Source: ©2013 Zywave, Inc