The Veriti Spottr Cybersecurity Brief

Thought Leadership Insider Threat May 2026  ·  8 min read The moment someone gives their notice, a clock starts ticking. 70% of IP theft happens within 90 days of a resignation. Most small businesses don't know what their departing employees took, what access they still have, or what the next employer just inherited. Here's what the data says — and what to do about it. In March 2025, a research scientist at Yahoo received a job offer from a competitor. Within minutes of accepting it, he downloaded approximately 570,000 pages of proprietary information to his personal devices. Intellectual property, research data, competitive intelligence — files he had legitimate access to right up until the moment he decided to leave. By the time Yahoo's security team identified the exfiltration, the data was already gone. This case made headlines because Yahoo is a known company. But the same pattern — a departing employee, a ...

Thought Leadership Information Security May 2026  ·  8 min read The World Cup Knows Something About Data Security That Your Business Doesn't With 48 nations competing across 16 cities this summer, the 2026 FIFA World Cup is the biggest sporting event in history — and one of the most aggressively targeted information security environments on earth. The security lessons playing out on the world stage apply directly to your business. Here's the playbook. The 2026 FIFA World Cup kicks off June 11 in Mexico City — 48 teams, 104 matches, 16 host cities across three countries, and a global television audience of over five billion people. It is the largest sporting event in history by almost every measure. It is also, for the duration of its 39 days, one of the most intensely targeted information security environments on the planet. Nation-state actors. Organized cybercrime groups. Rival teams hiring private intelligence con...

Thought Leadership Financial Impact May 2026  ·  8 min read The average organization now loses $19.5 million annually to insider threats — and the incidents driving that number don't happen during dramatic heists or sophisticated attacks. They happen during ordinary workdays, in ordinary moments, by ordinary employees just trying to get things done. It's 8:47am on a Tuesday. Your sales manager, Sarah, is on her second coffee and working through a backlog of emails before her 9am call. She gets a message that looks like it's from your IT vendor — subject line "Action Required: Account Verification." It's well-written, uses her real name, references a software tool she actually uses. She clicks the link, enters her credentials, and moves on. By 8:49am, her account belongs to someone else. By the time anyone notices — 81 days later on average — that account has been the source of unauthorized access t...

Thought Leadership Insider Threat May 2026  ·  8 min read Most small businesses invest in perimeter security and assume the threat is outside. The data tells a different story. The most financially damaging cyber incidents don't break through your defenses — they walk past them, using legitimate access your own employees already have. In May 2025, Coinbase discovered that cyber attackers had recruited a group of their own customer support agents — employees with legitimate system access — and bribed them to hand over customer data. The attackers then used that data to impersonate Coinbase representatives, manipulating customers into sending them cryptocurrency. When the attackers contacted Coinbase demanding a $20 million ransom, the company refused to pay. The total cost — including customer reimbursements, security upgrades, and regulatory response — ran significantly higher. Coinbase isn't a naive startup. They're one of...

Thought Leadership Incident Response May 2026  ·  8 min read An F1 pit stop takes 1.8 seconds. Twenty people. Thirty-six tasks. Zero improvisation. The principles that make it possible — preparation, assigned roles, practiced procedures, and relentless post-incident review — are the same principles that separate businesses that survive a cyberattack from those that don't. On lap 27 of the 2023 Qatar Grand Prix, Lando Norris pulled into the McLaren pit box. Twenty mechanics descended on the car simultaneously. Four pneumatic wheel guns — spinning at over 10,000 revolutions per minute — removed four wheel nuts. Four tires came off. Four new tires went on. Four wheel nuts were tightened. The jacks dropped. The car launched. Total time stationary: 1.80 seconds. A Guinness World Record. The fastest pit stop in Formula 1 history. Now consider what your business does when it detects a cybersecurity incident. Who get...