Over 90% Of Security Pros Fear Insider Threats

The biggest security threat to your business likely isn't a cyber-criminal or hacktivist, but someone already in your organisation, according to a Wednesday March 20th Report from BetterCloud.  The vast majority (91%) of the 500 IT and security professionals surveyed said they feel vulnerable to insider threats, whether their acts are malicious or accidental.

Some 62% of professionals said they believe the largest insider security threat comes from well-meaning but negligent end users, the report found, as opposed to those who intentionally cause harm (21%) or those who are exploited by outsiders through compromised credentials (17%).

More than half (53%) of respondents said they felt the employees who were most likely to be a threat were those who have left or were planning to leave the company, or contractors whose contract had ended, according to the report.

Three-fourths (75%) of respondents said they believe the biggest insider security risks lie in cloud applications, including popular file storage and email solutions like Google Drive and Dropbox.

"The rise of SaaS in the digital workplace has made companies more vulnerable than ever to insider threats," David Politis, founder and CEO of BetterCloud, said in a press release. 

This is due to taking control over data with SaaS applications from IT teams to end users, as well as the increasing complexity of the SaaS application infrastructure, Politis added. Indeed, 46% of IT leaders surveyed said they believe the rise of SaaS applications has made them more vulnerable, the report found. And 40% said they believe they are most vulnerable to exposure of confidential business information, including financial data and customer lists.

Of the C-level executives surveyed, just 26% said they have invested enough to mitigate the risk of insider threats, versus 44% of IT managers, the report found.

TechRepublic

You Might Also Read:

Protecting Your Company’s Data Against Insider Threats:

How To Develop Secure Cybersecurity Practices:

« "Cookie Walls" Non-Compliant With GDPR
What Should You Do If Your Business Is Hit By A Cyber Attack? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Mellanox Technologies

Mellanox Technologies

Mellanox Technologies is a leading supplier of end-to-end Ethernet and InfiniBand intelligent interconnect solutions and services for servers, storage, and hyper-converged infrastructure.

CSIRT Panama

CSIRT Panama

CSIRT Panama is the national Computer Incident Response Team for Panama.

DocAuthority

DocAuthority

DocAuthority automatically discovers and accurately identifies unprotected, sensitive documents, enabling a broad yet business-friendly security policy.

Onspring

Onspring

Onspring is the cloud-based platform of choice for governance, risk and compliance (GRC) teams and business operations experts across multiple industries.

Cybersecurity Collaborative

Cybersecurity Collaborative

CyberSecurity Collaborative is a forum for CISOs to share information that will collectively make us stronger, and better equipped to protect our enterprises from those seeking to damage them.

Xage Security

Xage Security

Xage is the world’s first blockchain-protected security platform for Industrial IoT.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

X4 Technology

X4 Technology

X4 Technology is a leader in finding the very best technology talent for some of the world’s most innovative start-ups and globally recognised brands.

ValueMentor

ValueMentor

ValueMentor is a leading cyber security service provider in the Middle East. We enable clients to reduce risk by taking a strategic approach to cybersecurity.

ITTAS

ITTAS

ITTAS is a multidisciplinary company specializing in information security and software and hardware protection software.

NACVIEW

NACVIEW

NACVIEW is a Network Access Control solution. It allows to control endpoints and identities that try to access the network - wired and wireless, including VPN connections.

Artjoker

Artjoker

Artjoker is a full cycle software development partner specialized in Blockchain projects and smart contract development including full cycle information security of all projects.

Battery Ventures

Battery Ventures

Battery partners with talented founders and teams building category-defining businesses at all stages of growth.

Carahsoft Technology Corp

Carahsoft Technology Corp

Carahsoft Technology is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets.

Reco AI

Reco AI

Reco is an identity-centric SaaS security solution that empowers organizations with full visibility into every app, identity, and their actions to control risk in their SaaS ecosystem.

GovSky

GovSky

GovSky streamlines CMMC compliance, saving time and significantly reducing cost.