Cyber-Sabotage & Talent Acquisition - Are your new recruits a great threat to cyber-security?

A cyber horror story: Jim is the owner of a small business dealing with sensitive data management in the legal world. When he hired a new accountant 9 months ago, little did he know that he would end up almost bankrupt before the end of the year! The employee quickly revealed himself to be negligent with online security procedures, pretending that "he knew the tricks." The first cyber-attack was not too damaging; however, the second one froze access to the company main database for more than a week - which was reestablished only after Jim decided to pay the price - over $350,000.

In the cyber universe, an insider threat is a malicious threat to an organization that comes from people within the organization, such as current or former employees, contractors, or business associates - anyone who has inside information concerning the organization's security practices, data, and computer systems - as defined by CERT ("Computer Emergency Readiness Team").

Are you hiring


The Software Engineering Institute at Carnegie Mellon found that 85 percent of cyber insider threats are employees of the victim organization. Statistics are quite scary:

If we do the math: 31,000,000 X 60% = 18,600,000 attacks caused by insiders. 85% of that is over 15,000,000 cyber-attacks caused by employees. Yes, you read it right!

Are you hiring potential "cyber-attackers?"

The vast majority of inside threats are caused by lack of education and awareness. Most people who work for you do not create a cyber liability intentionally. But, even if it applies to only very small minority of them, could they increase the dangers of cyber-attack by maliciously neglecting some fundamental rules of protection?

Aware of the potential liability, numerous organizations spend a lot of money vetting candidates' background and credentials. Some try urine or blood testing. Some try careful biographical application form testing. And many are turning to standardized questionnaires. They all try to answer the question: "Are we bringing in honest, reliable people?"

Research by The US Office of Personnel Management (OPM) strongly suggests that individuals who score poorly on integrity tests tend to be less suitable and less productive employees. (3)

Honesty comes first

A famous quote from Warren Buffet says it all:

"Somebody once said that in looking for people to hire, you look for three qualities: integrity, intelligence, and energy. And if you don't have the first, the other two will kill you. You think about it; it's true. If you hire somebody without [integrity], you really want them to be dumb and lazy."  - Warren Buffet

At Hirebox International, we offer very precise pre-hire assessments which can help employers detect integrity issues. We also educate our clients to challenge applicants' level of honesty through a series of interview & evaluation techniques. In fact, most of our clients attest to have reduced honesty problems with new recruits almost to Zero!

One Cyber-Attack on your business can cause major losses - or worse, could threaten your organization with bankruptcy. One of many ways to minimize cyber-attacks is to hire responsible, honest and dedicated employees who will defend your organization as if it were theirs! Educate, yes. But avoid hiring malicious employees first - as they (if only one out of 20) won't care about your efforts to minimize the risks.

Visit www.hirebox.com to get your free trial of our unique pre-hire assessments, or contact us to find out how we can help your organization be (more) effective at hiring the right people.

Best success,

Daniel Sadeh,
Partner -  HireBox International


  1. https://www.securitymagazine.com/articles/87787-hackers-attack-every-39-seconds
  2. https://www-01.ibm.com/marketing/iwm/dre/signup?source=ibm-WW_Security_Services&S_PKG=ov47123&S_TACT=000000NJ&&S_OFF_CD=10000254
  3. https://www.opm.gov/policy-data-oversight/assessment-and-selection/other-assessment-methods/integrityhonesty-tests/