Have We Become Complacent About The ‘Insider Threat’?

We’re constantly being warned about the persistent threat to data that comes from people within the organisation. In its latest Data Breach Investigations Report, for instance, Verizon confirms that 74% of breaches involve the human element – which includes social engineering attacks, errors, or misuse.

Findings from Apricorn’s latest research also emphasise the ‘insider threat’ that continues to plague UK enterprises, with clear indications that security leaders simply do not trust their organisation’s employees to keep information safe. Despite this, however, they’re neglecting to take the necessary steps to control the risks.

The security leaders surveyed believe that workers are routinely exposing sensitive data to loss or theft - with 22% saying employees unintentionally putting data at risk had been the main cause of a data breach at their organisation. An alarming 20% cited that employees with malicious intent had been the catalyst for a breach at their company. 

Remote workers specifically had been behind a breach at 26% of organisations, up from 21% in 2022.

Out Of Sight, Out Of Mind?

Almost half of the companies surveyed admitted that their mobile or remote workers had knowingly exposed data to a breach over the last year, a rise from 29% in 2022, while 46% stated that their remote workers “don’t care” about security. 

There appears to be an overall lack of engagement within the workforce around the need to protect the information they create and handle. In some cases this is manifesting as brazen negligence. Perhaps increased familiarity with messages about cybersecurity threats and incidents has led to apathy, or even ‘vigilance fatigue’. It’s also possible that employees who have become used to working away from the office environment have developed a new – overly relaxed – mindset.

In spite of their awareness that ‘insiders’ are not living up to their responsibilities around protecting data, companies don’t appear to be applying the measures necessary to prevent data being compromised. This is particularly the case when it comes to BYOD.

Of those companies that allow employees to use their own IT equipment remotely, only 14% use software to control the systems and data they can access. Nearly a quarter require employees to receive approval to use their own devices, but do not apply any controls, while 17% don’t require approval or apply any controls.

Decentralisation of IT may be behind this apparent ‘loosening of the reins’, as the technology estate moves further away from the organisation, and users – by default – gain greater autonomy over what they do and how. This could be resulting in a potentially dangerous slip in the control that security teams have over the endpoint.

Defuse The Ticking Time Bomb

Three quarters of the respondents to Apricorn’s survey said that, since the EU GDPR came into force five years ago, their organisations had either notified the ICO of a breach or potential breach or been reported by somebody else.

This is hardly the time for companies to be taking a step backwards with regards to the strength of their security controls. UK GDPR is on the horizon, currently working its way through parliament under the guise of the Data Protection and Digital Information Bill. Although we expect a softening of requirements compared with the EU GDPR, the ICO will be no less ready to bare its teeth, and the fallout from fines and reputational damage will be no less painful for the organisations affected.

In its Data Security Incident Trends report, the ICO reveals that 65% of incidents reported in Q4 of 2022 were down to user error, or the incorrect use or configuration of software. Organisations should be investing sufficient time and energy in minimising the potential for human error, and rebuilding a culture that ensures everyone has a security-first mindset, wherever they’re working.

Creating engagement requires ongoing awareness training that is specific and contextual – making sure that employees fully understand the security threats to data and to the organisation, and the likely outcomes in the case of a breach. Corporate security policies may also need a shake-up, especially those that cover the use of employees’ own IT kit. 

Finally, all policies must be enforced through the use of technology. This could involve locking down ports on laptops so they will only accept approved devices, or implementing software that controls access to vital systems and apps.

Mandating the organisation wide automatic encryption of all data will prevent it being compromised, even if a device is lost or stolen, or a disgruntled employee is motivated to cause a breach. 

The ’insider threat’ will always be with us. Human beings will always make mistakes, let their guard down, and behave in ways that leave company data exposed. It’s down to IT and security teams to tighten the reins, put measures in place to control the risk - and enforce them. 

Jon Fielding is Managing Director EMEA at Apricorn                         Image: geralt

You Might Also Read: 

The Top 5 Challenges Of Securing Remote Work:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

 

« British University Data Breaches Are A Lesson For All
A Database Tracking Maritime Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Civica

Civica

Civica provides cloud-based managed IT services, hosting and outsourcing.

Cyfor

Cyfor

Cyfor provides digital forensics and eDiscovery in civil, criminal, intellectual property, litigation and dispute resolution investigations.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

The Data Privacy Group

The Data Privacy Group

The Data Privacy Group provide expert professional services underpinned by world leading automation tools and a consulting team specialized in privacy and data protection.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

Neupart

Neupart

Neupart provides Information Security Management System, Secure ISMS, allowing organisations to automate IT Governance, Risk and Compliance management.

Uniwan

Uniwan

Uniwan is an IT services company specializing in networking and security.

Crashtest Security

Crashtest Security

Crashtest Security is a cyber security company that helps digital companies to continuously create secure software with the help of automated vulnerability assessments.

GoSecure

GoSecure

GoSecure Managed Detection and Response helps all organizations reduce dwell time by preventing breaches before they happen.

iSolutions

iSolutions

iSolutions is an official reseller and engineering company of leading products and solutions for cybersecurity and information protection, optimization, visualization and control of applications

Aryaka

Aryaka

Aryaka’s SmartServices offer connectivity, application acceleration, security, cloud networking and insights leveraging global orchestration and provisioning.

FCI

FCI

FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Cybersecurity Compliance Enablement Technologies & Services to Financial Services organizations.

Aleo

Aleo

Aleo is building the world's leading developer platform for enabling absolute privacy on blockchains.

Airiam

Airiam

Airiam provides cybersecurity, managed IT, consulting, incident response, and digital transformation services so you can focus on what matters most.

RiverSafe

RiverSafe

RiverSafe is a professional services provider specialising in Cyber Security, Data Operations and DevOps, putting security at the heart of everything we do.

Offensive Security Manager (OSM)

Offensive Security Manager (OSM)

Offensive Security Manager is the ultimate AI software that will enforce offensive security automation, orchestration, coverage, ensure quality, and lets you manage whole process.