Is Your Company at Risk of a Data Breach From the Inside?

One in three reported data breaches involve an insider, and those breaches can cost as much as 20 percent of a company’s annual revenue.

It’s coming from inside the house.

Or in this case, inside your company.

When it comes to data breaches, we often focus our attention on dangers coming at us from outsiders   who wish to take our customer data, intellectual property, financial reports, and other vital company information and either hold it for ransom or leak it publicly.

That’s a legitimate concern. The average cost of a data breach among companies surveyed reached $4.24 million per incident in 2021, the highest in 17 years, according to a 2021 report from IBM and the Ponemon Institute. And while the number of publicly reported data breaches in the U.S. did decrease 9 percent in Q3 2021 compared to the same period in 2020 (446 this year compared with 491 last year), the U.S. has already exceeded 2020s total breach numbers by the end of September (1,291 breaches as of September 30, 2021, compared to 1,108 in all of 2020). That’s up 17 percent – a big deal.  

But those breaches aren’t solely the work of nefarious data-grabbers from outside your organization. At least one in three reported data breaches involve an insider, according to a recent study conducted by Aberdeen. That same report found that data breaches from insiders can cost as much as 20 percent of annual revenue. (Read the full report.)

But before we start tossing suspicious glances at every member of our dedicated teams, know this: 78 percent of those insider breaches are unintentional. Meaning yes, there are cases where employees purposely leak company information for a variety of reasons (read about 17 Real Examples of Insider Threats), but the bulk of them are inadvertent.  

Those breaches are largely due to compromised credentials and poor file management (the latter risk increasing greatly when large numbers of employees began working from home at the start of the pandemic).  

Many companies don’t have a reliable method of tracking file movements due to a lack of tools or security protocols. Files are moved around on unsecured machines or platforms, resulting in enormous vulnerabilities.

Credentials are also compromised in a multitude of ways. Reusing passwords on multiple platforms or using easy-to-guess credentials paves the way for hackers to access company files. Falling victim to phishing attempts puts companies at risk, too. All it takes is one unsuspecting team member to click on a link in a phishing email, and suddenly your data is exposed. (Learn Tips to Spot and Avoid Phishing Attacks in our blog.)

To ensure your critical company files are secure and prevent a future breach – unintentional or otherwise – here are some tips:  

Regular Risk Assessments

Know where your vital files reside, who has access, and all the threats your systems face – internal and external.  

Monitor and Control Remote Access

This is especially important for teams that work remotely.

Implement Security Software

Develop and enforce clear policies and protocols related to company credentials and file access.
This should include policies on file use, account management, and passwords.

Educate Your Team on How To Spot Phishing Attempts

Ensure every member of your team knows what to look for and how to respond to suspicious emails (such as alerting the IT department).  

Identify and Respond to Suspicious Activity


Secure Backup and Disaster Recovery Plans

Back up fully and frequently, and have a well-mapped-out disaster recovery plan that can be implemented quickly.

If you have any questions about your company’s cyber security, please reach out. We would be more than happy to help.  


Tips to Spot and Avoid Phishing Attacks

Get Ahead of a Hack: Why Cybersecurity Matters for Every Business

IBM Report: Cost of a Data Breach Hits Record High During Pandemic

Full Aberdeen report

Brian Gagnon

Brian is a seasoned technologist boasting 25 years of expertise in crafting, expanding, and refining business ecosystems. His journey in the tech landscape has seen him at the helm of Global Systems Engineering at HGST/Western Digital, shaping strategies as a global architect at VMware, and founding and steering tech companies towards success.

Latest Posts


With Uprise Partners' Senior Director of Services, Kyle Peterson, you'll learn how to effectively manage your email inbox, handle spam, and utilize advanced email features.


Businesses have IP concerns related to emerging AI technology. Explore our insights on common challenges of harnessing AI within the bounds of the law.

Uprise monthly newsletter —
Get our latest news and updates!


Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

Heading 1

Heading 2

Heading 3

Heading 4

Heading 5
Heading 6

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur.

Block quote

Ordered list

  1. Item 1
  2. Item 2
  3. Item 3

Unordered list

  • Item A
  • Item B
  • Item C

Text link

Bold text




Uprise monthly newsletter —
Get our latest news and updates!