We only hear about the companies that figure out that they've been breached... and most often, they figure it out WAY too late!
As for where the threats originate, insider threats by employees are always going to be the biggest security risk for businesses. Employees without proper information security access controls and training are more likely to succumb to popular tactics used by hackers.
You must consider what information/data to which your employees have access.
Michael Hack, Senior VP of EMEA Operations at Ipswitch said, “It’s no longer good enough just to have the right policies in place for secure data transfer, an organization must ensure it has the right file transfer technologies, security systems, processes, and most importantly, staff training.”
Employers must also consider the serious responsibility of receiving and managing customer information in a way that retains customer confidence when using their information/data.