Employees must be educated on the value of sensitive corporate information, or they could unwittingly end up leaking materials that are worth millions to your organisation.
Lawrence Ostle, director of global security solutions at CSC Cybersecurity, warned risk managers of this ‘insider threat’, where staff all too often treat vital information as worthless.
“Staff need to treat information like money,” said Ostle at a briefing in Sydney this week. “You need to train staff and make sure they have a responsibility to safeguard the intellectual property of a company. You need to get staff protecting data in the same way they would protect cash”.
Ostle said there is a prevalent culture of employees forwarding spread sheets and other information to their personal email accounts, where the data is no longer under the jurisdiction of the company itself.
“We deal with a state police organisation and they have banned USB sticks, but they then realised they were giving staff digital cameras to take photos at crime and accident scenes, and either the camera or the camera’s memory card was being lost and left in public places. Staff need to be educated on the importance of protecting information and data,” added Ostle.