Insider threats remain the dominant cause of data security incidents: report
Insider risk remains the main cause of all data security incidents, currently accounting for 58% of the breaches, according to a new study commissioned by Imperva from Forrester Research.
Insider threats can vary in nature and aren’t necessarily inherently malicious. As such, they can begin with an employee skipping proper security practices or being simply untrained to work in the digital environment.
In other cases, the cause of the threat might be more insidious. A research by Beyond Identity showed 56% of workers admiting to using remaining account access to harm their ex-employer, with the value skyrocketing to 70% among laid off employees. As a result, 27% said they used account access to get their hands on company ideas while 24% used their credentials to access financial information, passwords, and process-related documents.
"Insider threats are hard to detect because internal users have legitimate access to critical systems, making them invisible to traditional security solutions like firewalls and intrusion detection systems. The lack of visibility into insider threats is creating a significant risk to the security of organization's data," said Chris Waynforth, AVP Northern Europe at Imperva.
Despite those developments, Imperva’s research demonstrates that 31% of companies still don’t consider insider threats to pose a considerable risk. Alarmingly, 70% of organizations located in the EMEA region aren’t prepared for such threats.
Most of the respondents cited lack of budget (39%) and internal expertise (38%) as the main reasons for the lack of focus on insider threats. Others suggested that the lack of executive sponsorship causes such attitudes (33%.)
"It is imperative that organizations add insider risk to their overall data protection strategy," Waynforth furtherly said. "An effective insider threat detection system needs to be diverse, combining several tools to not only monitor insider behavior, but also filter through the large number of alerts and eliminate false positives. Also, as protection of a company's intellectual property begins at the data layer, a comprehensive data protection plan must include a security tool that protects the data layer."
More from Cybernews:
Subscribe to our newsletter