Insiders Are Behind Most Business Cybersecurity Incidents

Insider threats are a bigger risk to cyber security than external hackers, with 74% of cyber incidents happening from within companies. 

That's according to survey data conducted by Vanson Bourne on behalf of data security company Clearswift, which took responses from 600 senior business decision makers and 1,200 employees from around the world, with a particular focus on businesses in the UK, US, Germany, and Australia,

When asked about the cyber security threats encountered by the companies, nearly three-quarters found that threat incidents are increasingly coming from within a company rather than from hackers trying to breach their firewalls and defences.
In fact, the study found that over 42% of threats, whether they were inadvertent or malicious, come from employees alone.

When considering the extended enterprise, meaning employees, customers, suppliers, or even previous employees, the number increases to 74%. Although most companies, 65%, believe that these inside incidents are accidental, that data still suggests a serious need for more extensive security education within businesses.

While the threats from internal sources have increased from the 39% in 2015, the number of attacks from outside parties has decreased from 33% in 2015 to a current 26%.

Despite this fall in outside attacks, 29% of businesses within the UK are now implementing cyber security into their boardroom agendas, perhaps due to the recent attacks on companies from hackers as seen with the widespread WannaCry ransomware attacks.

Dr. Guy Bunker, SVP of products at Clearswift, suggests educating employees and investing in data loss prevention in order to shrink the internal security risks. “Businesses may fall victim to the frenzy around high profile attacks and organisations may be quick to look at threats outside the business but, in reality, the danger exists closer to home. The blurring lines between personal and work-based technologies has led to an unabated rise in the insider threat," he said. 

Although 40% of organisations claim the frequency of security incidents have increased over the last year, albeit at a slower rate than previously recorded, companies are spotting these incidents more quickly, with more than half of organisations detecting an issue within an hour.

ITPro

You Might Also Read: 

Businesses Get Better At Detecting Insider Threats:

Data Threat: Your Ex-Employees:

Are Employees Your Weakest Link When It Comes To Security?:

 

« The CIA Discovers It Has A Mole
Facebook Users To Rank The News They Trust »

Directory of Suppliers

SecuPedia

SecuPedia

SecuPedia is a wiki-type platform that collects and provides the entire knowledge of security and IT security.

e-Information systems, Security and Audit Association (eISSA)

e-Information systems, Security and Audit Association (eISSA)

eISSA's purpose is to create awareness in the areas of eGovernance, eAuditing, Quality Assurance, Security and related areas in the field of Information Technology.

Qubus

Qubus

Qubus is a powerful tool to support any Governance Risk and Compliance (GRC) process.

Reblaze Technologies

Reblaze Technologies

Reblaze provides the world’s best security technologies in a cloud-based website security platform.

Inside Secure

Inside Secure

Inside Secure is at the heart of security solutions for mobile and connected devices.

AVG Technologies

AVG Technologies

AVG is focused on providing home and business computer users with the most comprehensive and proactive protection against computer security threats.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

Netpay International

Netpay International

Netpay's innovative technology ensures your business can provide secure, innovative payments solutions to all your e-commerce transactions.

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

Picviz Labs

Picviz Labs

Picviz Labs is a provider of industry leading data-mining and cyber-security technologies, powerful tools to meet your threat detection and data analysis needs.

PrimeKey

PrimeKey

PrimeKey provides organisations with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

DTS Solution

DTS Solution

DTS Solution delivers advanced cyber security solutions through is technology partnerships with industry leading security vendors and advanced consulting services.

Clearswift

Clearswift

Clearswift is trusted by businesses, governments and defense organizations globally for its Adaptive Cyber Security and Data Loss Prevention solutions.

MindPoint Group

MindPoint Group

MindPoint Group is a specialist Information Security Consulting firm.

Asseco Group

Asseco Group

Asseco Poland stands at the forefront of the multinational Asseco Group. We are a leading provider of state-of-the-art IT solutions in Central and Eastern Europe.