Personal data remains attractive for malicious actors and cybercriminals. As they evolve their methods for stealing and compromising such data, implementing sufficient data protection measures is especially vital for any organization. In some industries, protecting personal data is a must to comply with privacy laws and regulations. But even if your organization is not subject to a particular data privacy requirement, it’s highly recommended to secure the data of your customers and employees.

Many enterprises perceive cyber-attacks as malicious actions predominantly executed by external actors. Enterprises devote time and budgets investing in methods to bolster their security perimeters against external threat actors. However, it is equally important for these organizations to remember that many cyber-attacks, which cost millions in losses, originate through an internal compromise.

In Q3 2022, Kroll saw insider threat peak to its highest quarterly level to date, accounting for nearly 35% of all unauthorized access threat incidents. Kroll also observed a number of malware infections via USB this quarter, potentially pointing to wider external factors that may encourage insider threat, such as an increasingly fluid labor market and economic turbulence.