Managing the internal threat

7th September 2021

When we think about cyber security, we often think about the external threats and the well-known dangers that are hackers or phishers. But in focusing on the external threat, many companies overlook the danger which may be lurking within their business.

The core value of most businesses is held within its technical know-how, its customer databases, its contractual terms and its pricing structures. Unfortunately, those inside the company with access to this sensitive data are often the people best placed to exploit its value, to the detriment of the business.

So, while it’s important to consider outward-facing cyber security, it’s equally important to consider effective internal protection.


Five measures to help protect your business against internal cyber security threats

You must steer clear of spying on your employees unnecessarily and without their knowledge. But there are things you can do to ensure that your valuable data isn’t compromised by your employees.

Here are five measures you should consider.

Set clear expectations

Set out from the start about what the employee can expect from the company and, crucially, what you expect from them.

This is not a contractual document but a document setting out the mutual expectations of the parties, in particular with regard to the softer, often unspoken expectations and the culture of your organisation.

Clearly informing an employee from the outset as to what to expect with regard to the organisation’s culture, how they will be treated and how they will be expected to behave can go a long way in ensuring that an employee “buys in” – which makes them less likely to feel disillusioned and turn on the organisation in the future.

Check your employment contracts

Ensure that all employment contracts and, in particular, those of key personnel, include provisions that protect your business and the confidentiality of its information. These might include garden leave clauses, confidentiality provisions and post-termination restrictive covenants.

Post termination restrictive covenants seek to prevent the solicitation of customers, clients, suppliers, other employees, and/or prevent general competition for a defined period after termination of employment.

As well as ensuring that your employment contracts are fit for purpose upon an employee joining the business, you should make sure that an employee’s contract is reviewed whenever their role and, crucially, their access to confidential information, changes.

Review your IT systems

Where possible, avoid shared devices, restrict access to sensitive information on a need-to-know basis, have individual password protected access to all systems and invest in systems that can tag and record all activity, such as forwarding or copying of information.

Not only will these measures help prevent your data being exploited, but they will also mean that, if the worst happens and your data is compromised from the inside, you will have the evidence you need to do something about it.

Have clear IT, information control and disciplinary policies in place

These policies need to tightly control what employees can and can’t do with regard to company data. They should also inform employees that your IT systems are monitored, the extent of that monitoring and the reasons for it, meaning that employees can have no expectation of privacy when using those systems.

Ensure you’re insured

Maintain proper commercial insurance, particularly legal expenses Insurance. This means that if you are double-crossed by an unscrupulous employee, the cost of retrieving sensitive data (by way of a search and seize order) and preventing any such data being used against your business (by way of a springboard Injunction), does not act as a barrier to the protection that such legal proceedings can bring.


We will cover many of these issues around cyber security, the employment relationship and how to identify and manage the internal threat in more detail, at our Cyber Conference between 21 and 23 September 2021.

The conference will see legal experts and industry leaders come together to deliver first-rate presentations on all things cyber and technology – including Susanna Berry from Blacksmiths Group, who will give a fascinating insight into the psychology of a hostile insider, what motivates them and what you can do to spot an insider before they have the opportunity to attack. Book your place here