Businesses Get Better At Detecting Insider Threats

The cyber security threat to companies from their own employees is on the rise, according to new research. Data security company Clearswift surveyed 600 senior business decision makers and 1,200 employees across the UK, US, Germany and Australia and found year-on-year cyber security incidents are also on the rise generally.

Clearswift found companies are able to spot suspicious activity significantly quicker than two years previously.

Inadvertent or malicious threats from employees make up 42 per cent of incidents, up from the 39 per cent in 2015.

When looking at the extended enterprise, employees, customers, suppliers, and ex-employees, this number reaches 74 per cent, compared to 26 per cent of attacks from groups unknown to the organisation. In 2015, 33 per cent of attacks were carried out by unknown parties, so this proportion is falling, which may seem surprising given the recent swathe of high profile attacks, such as WannaCry, which affected over 230,000 computers.

Large-scale external threats are more likely to encourage companies to add cyber security to the boardroom agenda, with 29 per cent of UK businesses doing so in recent months.

“As GDPR approaches, every department in a business will need to recognise the potential security dangers associated with the data they use,” said Dr Guy Bunker, SVP Products at Clearswift.

“Businesses may fall victim to the frenzy around high profile attacks and organisations may be quick to look at threats outside the business but, in reality, the danger exists closer to home.

“The blurring lines between personal and work-based technologies has led to an unabated rise in the insider threat.

“A reactive policy of blocking technologies may prove futile as users will inevitably find a work-around. Educating employees about how to safeguard critical information, motivating employees to care more about the ramifications of a breach, and increasing investment in Data Loss Prevention tools are the biggest priorities needed to minimise the risk of internal security breaches.

“Being a responsible data citizen will also require organisations to look at the way in which partners or suppliers hold and share information, as breaches within the extended enterprise could also lead to heavy fines for the originating business.”

Although internal threats pose the biggest threat to most organisations, employers believe that the majority (65 per cent) of incidents are accidental or inadvertent rather than deliberate in intent; this remains unchanged over the past three years and highlights a critical need for better security education within most organisations.

This is particularly relevant, as most businesses believe their critical data predominantly lies in non-technical departments, such as finance (55 per cent), HR (45 per cent) and legal or compliance (43 per cent).

More than half of organisations (52 per cent) say they are spotting an issue within an hour, compared to only a third (34 per cent) two years ago.

BusinessCloud

You Might Also Read: 

Data Threat: Your Ex-Employees:

Directors Report January 2017. Cyber Security Checklist For Management (£):

 

« Russian Cyber Campaign Aims To Splinter US Voters
Social Media - 'Jargon-Busted' »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

National Cyber Security Centre (NKSC) - Lithuania

National Cyber Security Centre (NKSC) - Lithuania

NKSC is the main Lithuanian cyber security institution, responsible for unified management of cyber incidents, monitoring and control of the implementation of cyber security requirements.

Cyber Data-Risk Managers

Cyber Data-Risk Managers

Cyber Data-Risk Managers Pty Ltd is an insurance broker based in Melbourne, Australia specializing in Cyber insurance / Data breach insurance.

Cyber, Space, & Intelligence Association (CSIA)

Cyber, Space, & Intelligence Association (CSIA)

CSIA focuses on issues critical to Cyber Security, Military Space and Intelligence.

Schneider Electric

Schneider Electric

Schneider Electric develops connected technologies and solutions to manage energy and process in ways that are safe, reliable and sustainable.

Qubitekk

Qubitekk

Qubitekk has developed quantum cryptography solutions for the machine-to-machine (M2M) communications market.

Approach

Approach

Approach is a leading provider of cyber security consulting and secure application development services in Belgium.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

Aligned Technology Solutions (ATS)

Aligned Technology Solutions (ATS)

ATS manage, monitor, and maintain everything from your network and servers to your workstations and mobile devices, and we do it proactively to eliminate downtime and keep hackers at bay.

Laminar

Laminar

Laminar provides the only Public Cloud Data Protection solution that provides full visibility and enforcement capabilities across your entire public cloud infrastructure.

Datapac

Datapac

Datapac is one of Ireland’s largest and most successful ICT solutions and services providers. We have been at the forefront of technology innovation in Ireland for the past three decades.

Allot

Allot

Allot are a global provider of leading innovative network intelligence and security solutions for Service Providers and Enterprises worldwide.

CyFlare

CyFlare

CyFlare’s security platform integrates your tools with ours – delivering true positives, automated remediation, and interactive analytics built for security management teams.

B2Bcert

B2Bcert

B2BCERT one of the top companies offering ISO 9001, ISO 14001, ISO 45001, ISO 22000, ISO 27001, ISO 20000,CE Marking, HACCP, and other globally accepted standards and Management solutions.

Digital Encode

Digital Encode

Digital Encode is a leading consulting and integration firm that specializes in the design, management, and security of business-critical networks, telecommunications, and IT infrastructures.

SecureDApp

SecureDApp

SecureDApp is a blockchain security company that specialises in offering comprehensive security solutions to companies operating in the web3 space.