Insiders cause most IT security breaches, study reveals

Insiders are a greater threat to corporate IT security than hackers, says RSA.

Insiders are a greater threat to corporate IT security than hackers, says RSA.


RSA, the security division of EMC, said research it commissioned from IDC showed that accidental security incidents by company insiders happen more often and have greater potential for harm than malicious insider attacks.

IDC found that most chief security officers (CSOs) were more worried about the threats from outsiders and that their budgets were therefore misaligned.

The IDC said its 400 respondents worldwide admitted to

• 6,244 incidents of unintentional data loss

• 5,830 malware/spyware attacks from inside the enterprise, and

• 5,794 risky incidents from abuse of privilege and access control rights.

"In total, the number of internal security incidents from the respondents came out at 57,485 in the previous 12 months," IDC said.

Some 93% of respondents were responsible for security decisions within their organisations, but 82% were unclear on the source of their company's insider risk and could not accurately pinpoint or quantify the nature of the financial impact.

In the past year, contractors and temporary employees posed the greatest source of insider threat, the IDC found. Outsourcing companies lost nearly $800,000 because of insider breaches.

When asked to rank their top threats, almost 82% of CSOs were unsure if incidents from contractors and temporary staff were accidental or deliberate.

Fifty-two per cent said their insider incidents were mostly accidental. Only 19% believed the attacks were deliberate, 26% believed they were an equal combination, and 3% were unsure.

The survey showed that almost 40% of respondents will increase spending to cut internal security risks over the next 12 months, but 6% will decrease spending.

Chris Christiansen, vice-president for security products at IDC, said the complexity and distributed nature of many large firms meant it was hard to assess the risks posed by insiders. "Whether the risk is intentional or not, it is there. It is real," he said.

Read more on Hackers and cybercrime prevention