Insiders Are Behind Most Business Cybersecurity Incidents

Uploaded on 2018-01-23 in NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Resilience

Insider threats are a bigger risk to cyber security than external hackers, with 74% of cyber incidents happening from within companies. 

That's according to survey data conducted by Vanson Bourne on behalf of data security company Clearswift, which took responses from 600 senior business decision makers and 1,200 employees from around the world, with a particular focus on businesses in the UK, US, Germany, and Australia,

When asked about the cyber security threats encountered by the companies, nearly three-quarters found that threat incidents are increasingly coming from within a company rather than from hackers trying to breach their firewalls and defences.
In fact, the study found that over 42% of threats, whether they were inadvertent or malicious, come from employees alone.

When considering the extended enterprise, meaning employees, customers, suppliers, or even previous employees, the number increases to 74%. Although most companies, 65%, believe that these inside incidents are accidental, that data still suggests a serious need for more extensive security education within businesses.

While the threats from internal sources have increased from the 39% in 2015, the number of attacks from outside parties has decreased from 33% in 2015 to a current 26%.

Despite this fall in outside attacks, 29% of businesses within the UK are now implementing cyber security into their boardroom agendas, perhaps due to the recent attacks on companies from hackers as seen with the widespread WannaCry ransomware attacks.

Dr. Guy Bunker, SVP of products at Clearswift, suggests educating employees and investing in data loss prevention in order to shrink the internal security risks. “Businesses may fall victim to the frenzy around high profile attacks and organisations may be quick to look at threats outside the business but, in reality, the danger exists closer to home. The blurring lines between personal and work-based technologies has led to an unabated rise in the insider threat," he said. 

Although 40% of organisations claim the frequency of security incidents have increased over the last year, albeit at a slower rate than previously recorded, companies are spotting these incidents more quickly, with more than half of organisations detecting an issue within an hour.

ITPro

You Might Also Read: 

Businesses Get Better At Detecting Insider Threats:

Data Threat: Your Ex-Employees:

Are Employees Your Weakest Link When It Comes To Security?:

 

« The CIA Discovers It Has A Mole
Facebook Users To Rank The News They Trust »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Mielabelo

Mielabelo

Belgian consulting firm providing services in the security and compliance of information systems and IT service management.

Lacuna Talent

Lacuna Talent

Lacuna Talent delivers the combined power of Via Resource, the international Cyber Security recruiter, and Lacuna Talent, the Specialist AI/Data recruiter.

ThaiCERT

ThaiCERT

ThaiCERT is the national Computer Security Incident Response Team (CSIRT) for Thailand.

ZM CIRT

ZM CIRT

ZM CIRT is the national Computer Incident Response Team for Zambia.

Certus Software

Certus Software

Our Secure Data Erasure solutions protect customer data confidentiality by completely erasing it from data storage devices.

MerlinCryption

MerlinCryption

MerlinCryption develops infrastructure security software, delivering advanced encryption, authentication, and random data generators, for Cloud, VoIP, eCommerce, M2M, and USB hardware.

Eclypsium

Eclypsium

Eclypsium protects organizations from the foundation of their computing infrastructure upward, controlling the risk and stopping threats inside firmware of laptops, servers, and networks.

Parameter Security

Parameter Security

Parameter Security is a provider of ethical hacking and information security services.

Ampyx Cyber

Ampyx Cyber

Ampyx Cyber (formerly Ampere Industrial Security) is an industrial security firm. We specialize in industrial control systems (ICS) and operational technology (OT) security.

National Cryptologic Foundation (NCF) - USA

National Cryptologic Foundation (NCF) - USA

The National Cryptologic Foundation strives to influence the cryptologic future by sharing our educational resources, stimulating new knowledge, and commemorating our heritage.

LGMS - LE Global Services

LGMS - LE Global Services

LGMS is a leading cyber security penetration testing and assessment firm in the Asia Pacific region.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

AddSecure

AddSecure

AddSecure is a leading European provider of secure IoT connectivity and end-to-end solutions.

Aliro Security

Aliro Security

AliroNet is the world’s first entanglement Advanced Secure Network solution.

Qodea

Qodea

Qodea (formerly Appsbroker CTS) is Europe's largest Google Premier only transformation partner.

Bluecyber Insurance

Bluecyber Insurance

At Bluecyber, we are revolutionizing the cyber insurance market, democratizing access to digital protection for small and medium-sized businesses.