GDPR drives down UK insider threat

The insider threat in European countries is falling post-General Data Protection Regulation, but continues to rise in the US, a study has revealed

Two months after the EU’s General Data Protection Regulation (GDPR) compliance deadline, data shows that the insider threat in European countries is declining.

The threat from inside an organisation has fallen by 8% in the past 12 months to 65% of all incidents in the UK, while in the US it has grown by 8% to 80%, according to an independent study commissioned by data security company Clearswift.

The data suggests that EU countries are more aware of the insider threat, which is also dropping in Germany, by 5% to 75%, while businesses in the US have yet to manage the risk posed by employees.

The findings are based on a survey of 400 senior IT decision-makers in organisations with more than 1,000 employees across the UK, Germany and the US.

The study also shows that the insider threat was lower for companies with more than 3,000 employees (36%), which possibly indicates more robust internal processes and checkpoints at larger firms.

Threats from ex-employees account for 13% of all cyber security incidents across all respondents, highlighting a clear need for better processes when staff leave an organisation, the study report said.

“Although there is a slight decrease in numbers in Europe, the results once again highlight the insider threat as being the chief source of cyber security incidents,” said Guy Bunker, senior vice-president products at Clearswift.

“The majority of incidents are still coming from within the business and its extended enterprise, far greater than the threat from external hackers. Businesses need to shift the focus inwards.”

At the very least, said Bunker, the GDPR has ensured that firms have a better view of where critical data sits within their business and has highlighted to employees that data security is an issue of critical importance. This may be responsible for the drop in the insider threat across EU countries.

“If a firm understands where the critical information within the business is held and how it is flowing in and out of the network, then it is best placed to manage and protect it from the multitude of threat vectors we are seeing today,” said Bunker.

Although internal threats pose the biggest risk to most organisations, the study showed that employers believe the majority (62%) of incidents are accidental or inadvertent, rather than deliberate in intent. This is down from 65% in 2017.

“Organisations need to have a process for tracking the flow of information in the business and have a clear view on who is accessing it and when,” said Bunker.

“Businesses also need to ensure that employees ‘buy into’ the idea that data security is now a critical issue for the business. Educating them on the value of data, on different forms of data, what is shareable and what is not, is crucial to a successful cyber security strategy.”

But mistakes can still happen, said Bunker, and technology can act as both the first and last line of defence.

“In particular, adaptive data loss prevention systems can automatically remove sensitive data and malicious content as it passes through a company network,” he said.
