Internal Threat Remediation

According to insider threat statistics from a Ponemon Institute study, the majority of insider threat incidents are caused by employee and contractor negligence.1

Each and every day, intellectual property data is compromised or exfiltrated by insiders in businesses all over globe; the causes are many:

  1. By unintentional employee mistakes.
  2. By disgruntled workers wishing to exact revenge on their current employer.
  3. By exiting employees packaging up valuable intellectual property for use by their new employer (and typically one of their old employer’s competitors).
  4. By employees with financial problems looking for a way to sell their employer’s intellectual property and/or sabotage their company’s systems for desperately needed cash.
  5. By employees trying to climb the corporate ladder by stealing their company’s information and using it to directly benefit themselves, or
  6. By an office romance gone sour and one employee exacting revenge on another employee’s data.

Various examples of alarming archetypical behavior:

  • In June 2018 Tesla Motors announced they caught a malicious insider that had not been part of one, but two security breakdowns from the list: 1) the exfiltration of valuable intellectual property and 2) the alteration of critical code essential to Tesla’s manufacturing operations.
  • A very common issue is sales representatives, executives, engineers,  and managers with broad access to information from their previous employer stealing customer contact lists, existing contracts, customer quotes, strategic positioning frameworks and other intellectual property to get a leg up with their new employer.

Insiders are incredibly difficult to protect against. They know more about your organization and if they really want to do some damage, they can do it very quickly and very efficiently.2


  1. Brian Vecci, Field CTO, Varonis