Scottish companies warned over 'insider threats'
Scottish companies are being warned to do much more to tackle the threat posed to their security by "corrupt and careless" employees.
The warning will be made at Scotland's first national Insider Threat conference, organised by the Scottish Business Resilience Centre (SBRC).
The event will hear that 85% of fraud is committed by past and present staff.
SBRC said it feared fraud crimes affecting businesses will exceed £3bn this year.
Speakers at the event in Edinburgh will include an agent from the US Secret Service and The Royal Bank of Scotland's head of security, resilience and control.
SBRC said insider attacks can include sabotage, the selling of data, the deliberate or accidental disclosure of sensitive information and facilitating illegal access or cyber-attacks by others.
'Very real danger'
Better staff awareness and enhanced visibility to track user behaviour can reduce the opportunities for internal attacks, according to Rashmi Knowles of EMC, which helps to store, manage and secure data.
She added: "Insider threats pose a very real danger to businesses all over the world.
"Employees, former employees, suppliers and, to a lesser extent, customers can all cause companies security issues if the right processes are not in place to protect business critical assets.
"Protecting these assets depends on three critical factors - people, processes and technology."
Industry experts from US Homeland Security, Police Scotland, Napier University as well as specialist security businesses will provide keynote speeches, guidance and workshops at the conference in Edinburgh.
SBRC will also launch a new package of training materials on insider threats.
It covers a range of topics including password security and social networking.
Launching the training package, SBRC deputy director Brian Gibson said: "It's staggering to think that as a result of insider attacks a typical Scottish organisation loses approximately 5% of its annual revenue to fraud.
"That's why the issue is so critical and needs to be addressed now, before even more businesses fall prey to criminal, or in some cases, neglectful or careless, staff."