Over 90% Of Security Pros Fear Insider Threats

The biggest security threat to your business likely isn't a cyber-criminal or hacktivist, but someone already in your organisation, according to a Wednesday March 20th Report from BetterCloud.  The vast majority (91%) of the 500 IT and security professionals surveyed said they feel vulnerable to insider threats, whether their acts are malicious or accidental.

Some 62% of professionals said they believe the largest insider security threat comes from well-meaning but negligent end users, the report found, as opposed to those who intentionally cause harm (21%) or those who are exploited by outsiders through compromised credentials (17%).

More than half (53%) of respondents said they felt the employees who were most likely to be a threat were those who have left or were planning to leave the company, or contractors whose contract had ended, according to the report.

Three-fourths (75%) of respondents said they believe the biggest insider security risks lie in cloud applications, including popular file storage and email solutions like Google Drive and Dropbox.

"The rise of SaaS in the digital workplace has made companies more vulnerable than ever to insider threats," David Politis, founder and CEO of BetterCloud, said in a press release. 

This is due to taking control over data with SaaS applications from IT teams to end users, as well as the increasing complexity of the SaaS application infrastructure, Politis added. Indeed, 46% of IT leaders surveyed said they believe the rise of SaaS applications has made them more vulnerable, the report found. And 40% said they believe they are most vulnerable to exposure of confidential business information, including financial data and customer lists.

Of the C-level executives surveyed, just 26% said they have invested enough to mitigate the risk of insider threats, versus 44% of IT managers, the report found.

TechRepublic

You Might Also Read:

Protecting Your Company’s Data Against Insider Threats:

How To Develop Secure Cybersecurity Practices:

« "Cookie Walls" Non-Compliant With GDPR
What Should You Do If Your Business Is Hit By A Cyber Attack? »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Bob's Business

Bob's Business

Bob's Business adopts a fresh approach to information security awareness and compliance training, delivering key information through the use of short animated movies.

Team Cymru Research NFP

Team Cymru Research NFP

Team Cymru Research is a group of technologists passionate about making the Internet more secure and dedicated to that goal.

Radware

Radware

Radware is a global leader of application delivery and cyber security solutions for virtual, cloud and software defined data centers.

Evidian

Evidian

Evidian, a Bull Group company, is the European leader and one of the major worldwide vendors of identity and access management software.

Datiphy

Datiphy

Datiphy's data-centric security platform uses behavioral analytics, and data-centric auditing and protection capabilities to mitigate risk.

Lockton

Lockton

Lockton is the world’s largest privately owned insurance brokerage firm. Commercial services include Cyber Risk insurance.

BlueID

BlueID

BlueID is an IDaaS technology product which enables your objects to securely connect and interact with your users’ smart phones and smart watches.

TeachPrivacy

TeachPrivacy

TeachPrivacy provides computer-based privacy and data security training that is engaging, memorable, and understandable.

Trustlook

Trustlook

Trustlook's SECUREai engine delivers the performance and scalability needed to provide total threat protection against malware and other forms of attack.

Synelixis Solutions

Synelixis Solutions

Synelixis Solutions is a high-tech company founded to provide complete telecommunications, networking, security, control and automation solutions.

SYSGO

SYSGO

SYSGO is the leading European provider of real-time operating systems for critical embedded applications in the Internet of Things (IoT).

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator invests in early stage disruptive companies in the security industry including, Cybersecurity, Internet of Things (IOT), Blockchain and AI.

Skudo

Skudo

Skudo is dedicated to creating innovative best-in-class solutions that protect data exchange with the highest level of security and privacy.

Prevasio

Prevasio

Prevasio is a next-gen Cloud Security Posture Management (CSPM) with a built-in Vulnerability and Anti-Malware Scan for Containers.

BigBear.ai

BigBear.ai

BigBear.ai delivers high-end analytics capabilities across the data and digital spectrum to deliver information superiority and decision support.

Methods

Methods

Methods is the leading digital transformation partner for the UK public sector. We care deeply about making our public services better and have been doing this for over 28 years.