Insider Data Breaches – Does the Size of Your Client’s Business Matter?

Back to Blog
jariyawat thinsandee

Insider Data Breaches – Does the Size of Your Client’s Business Matter?

Does size matter? Not when it comes to insider data breaches caused by activity inside the network firewall.

Many small to midsize business owners believe breaches, both external and internal, only happen to “the big guys.” They often feel their businesses are too insignificant to attract unknown bad actors or malicious employees looking for a big payout. Yet, reports show that hackers prefer small companies because they are easier targets than big corporations. And insider breaches are rarely about the big payout.

More often than not, insider data breaches are purely accidental and sometimes even unknown to the transgressor. But for those breaches that are intentional, the reasons behind them are often more personal than simply just snatching data to sell on the Dark Web. They are often done out of revenge or for specific personal gain.

3 Categories of Insider Data Breaches

Let’s delve deeper into the three most common triggers for insider breaches:

Mishaps and Negligence

“To err is human…”1 and employees are very human when they’re busy, tired, or distracted. They unwittingly forget their laptop on the bus, send files to the wrong recipient, click on infected links, etc.

The majority of breaches fall into this bucket. A survey from a Black Hats Security Conference suggested that human error causes around 84 percent of all data breaches. However, as one study from Egress revealed, some 25 percent of workers knowingly risk data because their companies failed to provide the necessary tools to share it safely.2

Personal Gain
Occasionally, employees aren’t satisfied with working for what they want and choose illicit workarounds to get ahead – like stealing proprietary data to share with a new employer or competitor. Astonishingly, 46 percent of employees confessed that they intentionally confiscated company data when they resigned. 2

Revenge and Sabotage
Although reportedly less common than accidental breaches and those perpetrated for personal gain, breaches sparked by vengeance are not unheard of. The Egress data breach survey found 11 percent of employees admitted that they intended to harm their employer with a security violation.

What Makes SMBs Vulnerable?

It’s really the “we’re too small for it to happen to us” mentality that renders SMBs vulnerable. And since these breaches don’t typically make big headlines, many SMB owners tend to think they are not at risk. A clear case of out of sight, out of mind.

To that end, SMB owners don’t feel compelled to establish strict internal security protocols. There’s often a deeper sense of trust in SMBs, where people work closer together, positions often overlap and owners may know and interact with all employees. Indeed, there’s a greater tendency to overlook red flags and risks. No one wants to believe the workers they hired will make grave mistakes or betray them, so internal security remains lax.

However, the reality is that any company, with any number of employees, is susceptible to internal data breaches. No matter how much a hiring manager scrutinizes prospective employees, accidents happen to even the best staff. It’s human nature.

Throttle the Threats

MSPs can help their SMB clients regularly scan their networks for anomalous user behavior, suspicious logins and violations to configured IT policies, and also discover threats with automated internal threat detection software. A daily scan of systems and user activity is one of the most effective methods to reduce internal breaches and other damaging anomalies.

Visit RapidFire Tools to learn more about products such as Cyber Hawk that can help you meet your clients’ cybersecurity demands.



  1. An Essay on Criticism, Part II, Alexander Pope, 1711
  2. Insider Data Breach Survey 2020, Egress, 2020