Insider Risk is Real: Pay Appropriate Salaries
Perhaps you have heard the recent news that cyber criminals bribed some Coinbase staff into exfiltrating customer data to facilitate social engineering attacks.
The key word here is “bribed.”
The management at Coinbase has announced a $20 million reward for information leading to the identification of the cyber criminals responsible for the attack.
However, how much were they willing to pay the staff who had access to their customers’ Know Your Customer (KYC) information, so that these employees would be less likely to be tempted by bribes and would be motivated to immediately report attempts to illegally access customers’ sensitive data?
Remember, not everyone has the same level of professional integrity. Insider risk is real.
Companies must resist viewing “overseas support agents” too strongly through the financial lens of “cost-savings measures,” so that they avoid creating a risk management blind spot.
Though not the only consideration, corporate risk management must include paying salaries that are commensurate with the responsibilities and access that employees have, relative to sensitive assets under a company’s control or management.
--
I am Dr. Reuel E. Ocho, a Digital Innovation Strategy and Accelerated Delivery specialist. I offer digital innovation advisory services across areas such as RWA Tokenization, AI, Innovation Management, Technology Strategy, Digital Platforms, Product Management, and Advanced Digital Architecture.
I consult through my consultancy, Caimito Consulting.
Contact me for advisory services or for speaking engagements.