Research shows security threats from insiders exploding

Nearly 75% of security breaches come from within a business’s own network.

  • 9 years ago Posted in

Research from Clearswift, the global data loss prevention company, has uncovered a dramatic rise in security threats directly caused by individuals inside organisations. A staggering 88% of businesses polled internationally have experienced an IT or security incident in the last 12 months, with 73% of those attributed to their employees, ex-employees, contractors and partners (known as the extended enterprise), compared to last year’s figure of 58%. This shows that businesses face growing threats from within.


Clearswift polled over 500 IT decision makers and 4,000 employees internationally to assess views on security from both the decision-maker level and those who are expected to comply. The full report will be available in May - more information below.


70% of respondents believe that high-profile security stories such as the Edward Snowden scandal and the Sony Pictures data breach have forced internal security threats up the corporate agenda, but only 28% think that internal breaches are treated with the same level of importance as external threats by the board. 14% go as far to say that until their organisation has a serious data breach that was caused by an internal actor; it will never be taken as seriously as the threat of external hackers.


Simple lack of awareness and understanding of data security threats was the most commonly perceived factor contributing to the rise of internal threats (58%). Other issues raised were the use of forbidden apps, personal devices that do not adhere to IT policies, and a general contempt for following protocol.


Because insider threats are generally not malicious, they present a greater concern than planned attacks for businesses, as around half of employees would be perceived as being capable of causing a breach by accident. To prevent these easily-caused and potentially damaging incidents, it is vital for a business to deploy both the tools and policies to minimise the risk of accidents occurring.


Guy Bunker, SVP Products at Clearswift comments: “Many businesses are still struggling to accept that one of their biggest security risks could come from people they employ in their organisation. High-profile attacks, such as the Sony Pictures data breach are helping to shed light on these occurrences, but many people don’t realise that this was how the attack began and wouldn’t liken the situation to their own business ... unless of course it does happen to them. Organisations need to be prepared for both accidental and malicious data loss and ensure that adaptive prevention methods are put in place to stop them at the root – before they can even leave an individual’s computer or device.”

Talent and training partner, mthree, which supports major global tech, banking, and business...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
GPUaaS provides customers on-demand access to powerful accelerated resources for AI, machine...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...
Strengthening its cloud credentials as part of its mission to champion the broader UK tech sector...
Nearly all UK IT managers surveyed (98%) state cloud investment is an organisational priority for...
LetsGetChecked is a global healthcare solutions company that provides the tools to manage health...
Node4 to the rescue.