Insiders Are Behind Most Business Cybersecurity Incidents

Insider threats are a bigger risk to cyber security than external hackers, with 74% of cyber incidents happening from within companies. 

That's according to survey data conducted by Vanson Bourne on behalf of data security company Clearswift, which took responses from 600 senior business decision makers and 1,200 employees from around the world, with a particular focus on businesses in the UK, US, Germany, and Australia,

When asked about the cyber security threats encountered by the companies, nearly three-quarters found that threat incidents are increasingly coming from within a company rather than from hackers trying to breach their firewalls and defences.
In fact, the study found that over 42% of threats, whether they were inadvertent or malicious, come from employees alone.

When considering the extended enterprise, meaning employees, customers, suppliers, or even previous employees, the number increases to 74%. Although most companies, 65%, believe that these inside incidents are accidental, that data still suggests a serious need for more extensive security education within businesses.

While the threats from internal sources have increased from the 39% in 2015, the number of attacks from outside parties has decreased from 33% in 2015 to a current 26%.

Despite this fall in outside attacks, 29% of businesses within the UK are now implementing cyber security into their boardroom agendas, perhaps due to the recent attacks on companies from hackers as seen with the widespread WannaCry ransomware attacks.

Dr. Guy Bunker, SVP of products at Clearswift, suggests educating employees and investing in data loss prevention in order to shrink the internal security risks. “Businesses may fall victim to the frenzy around high profile attacks and organisations may be quick to look at threats outside the business but, in reality, the danger exists closer to home. The blurring lines between personal and work-based technologies has led to an unabated rise in the insider threat," he said. 

Although 40% of organisations claim the frequency of security incidents have increased over the last year, albeit at a slower rate than previously recorded, companies are spotting these incidents more quickly, with more than half of organisations detecting an issue within an hour.

ITPro

You Might Also Read: 

Businesses Get Better At Detecting Insider Threats:

Data Threat: Your Ex-Employees:

Are Employees Your Weakest Link When It Comes To Security?:

 

« The CIA Discovers It Has A Mole
Facebook Users To Rank The News They Trust »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Eversheds Sutherland

Eversheds Sutherland

Eversheds Sutherland is a global multinational law practice offering a full range of commercial and IT law services including Privacy, Data Protection and Cyersecurity.

Quotium

Quotium

Quotium provides automated testing technologies to make business software applications secure and robust.

INCIBE-CERT

INCIBE-CERT

INCIBE-CERT is the reference security incident response center for citizens and private law entities in Spain

Rhebo

Rhebo

Rhebo Industrial Protector monitors and ensures the continuous, correct, and predictable operation of real-time Industrial Control Systems to prevent outages and reduce downtimes.

Cybersixgill

Cybersixgill

Cybersixgill was founded with a single mission: to protect organizations against malicious cyber attacks that come from the deep and dark web, before they materialize.

Intrinsyc Technologies

Intrinsyc Technologies

Intrinsyc provides product development services and Edge Computing modules that are helping to take the Internet of Things products to the next level.

Celerium

Celerium

Celerium transforms cyber defense for both companies and industry sectors by leveraging cyber threat intelligence to defend against cyber threats and attacks.

Charterhouse Voice & Data

Charterhouse Voice & Data

Charterhouse is your trusted technology partner - designing, provisioning and supporting the technology that underpins your operations including network security and data compliance.

Revere Technologies

Revere Technologies

Revere Technologies is a pure-play cyber security solutions and services provider in Sub-Saharan Africa.

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection Conference (HIP)

Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric cybersecurity practitioners charged with defending hybrid cloud environments.

Kiteworks

Kiteworks

Kiteworks (formerly Accellion) creates a dedicated Private Content Network that ensures zero-trust private content protection and compliance.

Mayer Brown

Mayer Brown

Mayer Brown is a global law firm. We have deep experience in high-stakes litigation and complex transactions across industry sectors including the global financial services industry.

Galvanick

Galvanick

Galvanick enables your operations and IT teams to protect your industrial systems and networks against digital threats.

ImagineX Consulting

ImagineX Consulting

ImagineX Consulting is a cybersecurity-focused boutique technology consultancy whose mission is to help our clients #BeBetter by reducing their corporate risk.

42Crunch

42Crunch

42Crunch provides API security testing and threat protection. We proactively test, fix and protect your APIs from development to runtime.

Blackmere Consulting

Blackmere Consulting

Blackmere Consulting is a Nationwide Technical and Executive Recruiting firm dedicated to Cyber Security and Information Technology.