"Although many companies have traditional prevention tools in place, data loss, leak and theft, particularly among insiders, continues to happen at an alarming pace," the Sapio Research study said. "Information security teams need to find new ways to secure data. Without urgent action, insider threats will become increasingly disruptive."
There's an ongoing federal court case that highlights the issue.
U.S. Bancorp last year sued Michael Cole, the former president of U.S. Bancorp's Ascent Private Capital Management, which serves clients worth at least $75 million. U.S. Bancorp alleges Cole swiped proprietary data about strategy, services and clients on the way out the door to take a top job and ownership position with Cresset Capital Management, a fledgling competitor.
"This is potentially a big deal for both USB and Cresset," Ben Anderson, an independent securities lawyer, said last year. "It reflects the intense competition among large asset managers to hire consistently profitable investment teams, who in turn can attract institutional investors."
It also reflects the growing use of forensic technology to track access by employees to computers where high-value data is retained.
U.S. Bancorp alleges that in addition to using its confidential documents as the basis for the strategic plan he prepared for Cresset, Cole continued to misappropriate related data until the time he departed U.S. Bancorp in June 2018. This is a high-stakes case being watched in the industry.
Most cases of alleged employee theft don't make it to federal court. Regardless, the Sapio Research study found:
-- 69% of organizations say they were breached due to an insider threat, despite preventive measures.
-- Nearly two-thirds of survey respondents admit to bringing data from past employers to their news jobs.
-- Most employees feel entitled to personal ownership of their work.