momius - stock.adobe.com
The threat from inside an organisation has fallen by 8% in the past 12 months to 65% of all incidents in the UK, while in the US it has grown by 8% to 80%, according to an independent study commissioned by data security company Clearswift.
The data suggests that EU countries are more aware of the insider threat, which is also dropping in Germany, by 5% to 75%, while businesses in the US are yet to manage the risk of employees.
The findings are based on a survey of 400 senior IT decision-makers in organisations with more than 1,000 employees across the UK, Germany and the US.
The study also shows that the insider threat was lower for companies with more than 3,000 employees (36%), which possibly indicates more robust internal processes and checkpoints at larger firms.
Threats from ex-employees account for 13% of all cyber security incidents across all respondents, highlighting a clear need for better processes when staff leave an organisation, the study report said.
“Although there is a slight decrease in numbers in Europe, the results once again highlight the insider threat as being the chief source of cyber security incidents,” said Guy Bunker, senior vice-president products at Clearswift.
“The majority of incidents are still coming from within the business and its extended enterprise, far greater than the threat from external hackers. Businesses need to shift the focus inwards.”
At the very least, said Bunker, the GDPR has ensured that firms have a better view of where critical data sits within their business and has highlighted to employees that data security is an issue of critical importance. This may be responsible for the drop in the insider threat across EU countries.
“If a firm understands where the critical information within the business is held and how it is flowing in and out of the network, then it is best placed to manage and protect it from the multitude of threat vectors we are seeing today,” said Bunker.
Read more about the insider threat
- Business still not addressing insider threat.
- The cyber threats lurking within every company.
- As survey of 500 cyber security professionals offers insight into the state of insider threats and solutions to prevent them.
- Malicious employees are usually the focus of insider threat protection efforts, but accidents and negligence are often overlooked data security threats.
Although internal threats pose the biggest risk to most organisations, the study showed that employers believe the majority (62%) of incidents are accidental or inadvertent, rather than deliberate in intent. This is down from 65% in 2017.
“Organisations need to have a process for tracking the flow of information in the business and have a clear view on who is accessing it and when,” said Bunker.
“Businesses also need to ensure that employees ‘buy into’ the idea that data security is now a critical issue for the business. Educating them on the value of data, on different forms of data, what is shareable and what is not, is crucial to a successful cyber security strategy.”
But mistakes can still happen, said Bunker, and technology can act as both the first and last line of defence.
“In particular, adaptive data loss prevention systems can automatically remove sensitive data and malicious content as it passes through a company network,” he said.