Insiders Are Behind Most Business Cybersecurity Incidents

Insider threats are a bigger risk to cyber security than external hackers, with 74% of cyber incidents happening from within companies. 

That's according to survey data conducted by Vanson Bourne on behalf of data security company Clearswift, which took responses from 600 senior business decision makers and 1,200 employees from around the world, with a particular focus on businesses in the UK, US, Germany, and Australia,

When asked about the cyber security threats encountered by the companies, nearly three-quarters found that threat incidents are increasingly coming from within a company rather than from hackers trying to breach their firewalls and defences.
In fact, the study found that over 42% of threats, whether they were inadvertent or malicious, come from employees alone.

When considering the extended enterprise, meaning employees, customers, suppliers, or even previous employees, the number increases to 74%. Although most companies, 65%, believe that these inside incidents are accidental, that data still suggests a serious need for more extensive security education within businesses.

While the threats from internal sources have increased from the 39% in 2015, the number of attacks from outside parties has decreased from 33% in 2015 to a current 26%.

Despite this fall in outside attacks, 29% of businesses within the UK are now implementing cyber security into their boardroom agendas, perhaps due to the recent attacks on companies from hackers as seen with the widespread WannaCry ransomware attacks.

Dr. Guy Bunker, SVP of products at Clearswift, suggests educating employees and investing in data loss prevention in order to shrink the internal security risks. “Businesses may fall victim to the frenzy around high profile attacks and organisations may be quick to look at threats outside the business but, in reality, the danger exists closer to home. The blurring lines between personal and work-based technologies has led to an unabated rise in the insider threat," he said. 

Although 40% of organisations claim the frequency of security incidents have increased over the last year, albeit at a slower rate than previously recorded, companies are spotting these incidents more quickly, with more than half of organisations detecting an issue within an hour.

ITPro

You Might Also Read: 

Businesses Get Better At Detecting Insider Threats:

Data Threat: Your Ex-Employees:

Are Employees Your Weakest Link When It Comes To Security?:

 

« The CIA Discovers It Has A Mole
Facebook Users To Rank The News They Trust »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

CircleCI

CircleCI

CircleCI’s platform allows developers to rapidly release code (for web and mobile apps) they trust by automating the build, test, and deploy process.

Rambus Security Division

Rambus Security Division

Rambus Security Division solutions span areas including tamper resistance, content protection, network security, mobile payment, smart ticketing, and trusted provisioning services.

Clearwater Security & Compliance

Clearwater Security & Compliance

Clearwater Compliance specialize in Privacy, Security, Compliance and Risk Management Solutions for Health Care, Law Firms and other businesses.

MKD-CIRT

MKD-CIRT

MKD-CIRT is the national Computer Incident Response Team for Macedonia.

Careerjet

Careerjet

Careerjet is a leading online job search engine with a large presence worldwide, sourcing millions of job ads from thousands of websites from all over the world in areas including Cybersecurity.

FireCompass

FireCompass

FireCompass SAAS platform helps CISOs & Security Teams in continuous risk assessment by mapping your attack surface and knowing the “unknown unknowns”.

Stealth Software Technologies

Stealth Software Technologies

Stealth Software Technologies is focused on the generation of research and software products focused on applied cryptography and cybersecurity.

Quantum Armor

Quantum Armor

Quantum Armor is a next-gen cyber security monitoring platform that allows you to continuously stay aware of your security posture, and proactively spot trends, vulnerabilities and potential attacks.

SecurIT360

SecurIT360

SecurIT360 is a full-service specialized Cyber Security and Compliance consulting firm.

PhishFirewall

PhishFirewall

PhishFirewall is an advanced AI-driven CyberSecurity Awareness Education, Threat Emulation, and Human Security Analytics Platform.

DeXpose

DeXpose

DeXpose is a hybrid dark/deep web monitoring and attack surface mapping platform to help you find compromised data or exposed assets related to your organization way before threat actors.

ProvenRun

ProvenRun

ProvenRun is a leading provider of trusted software solutions with extensive expertise and an unwavering commitment to security.

Acclaim Technical Services (ATS)

Acclaim Technical Services (ATS)

ATS provide operational products, services and solutions to the defense and intelligence communities for all types of critical mission needs.

SyberFort

SyberFort

SyberFort offers a suite of SAAS-based platforms designed to fortify your digital defenses including Threat Intelligence and Brand Protection.

Ethnos Cyber

Ethnos Cyber

Ethnos Cyber is Africa’s leading cybersecurity and compliance management company. We provide Information Security, Risk Management, Cybersecurity and Compliance Management solutions to clients.