According to Dayman, such risks might not initially appear to be a high priority, but they can quietly proliferate, causing downstream consequences. “Though insider risk is not new, it has become more prevalent over the past few years with the inception of remote-first distributed workforces, increased use of collaboration tools, and high-risk digital behaviors.”

If you can’t protect data, don’t collect it

I agree with Dayman that this loss may be viewed as ho-hum if we just read the AT&T SEC filing, and for those who are AT&T subscribers inside and out of government I pray such is the case. That said, my “spidey sense” tells me this loss is anything but ho-hum.

Code42’s research has revealed that a single insider-driven data exposure, loss, leak, or theft event could cost companies as much as $15 million in financial losses, according to Dayman. “Though the full repercussions from the recent AT&T breach are still evolving, they represent a clear hit to the company’s reputation and customer trust,” he says.