Menu Close

Cybercrime: Insider threats remain dominant cause of data insecurity ─Report

*A recent research by Beyond Identity indicated 56 percent of workers admitted to using remaining account access to harm their ex-employers, with the value skyrocketing to 70 percent among laid-off employees

Gbenga Kayode | ConsumerConnect

Following the recent surge in reported cybercriminal incidents across the world, a fresh study commissioned by Imperva from Forrester Research has indicated that insider risk remains the main cause of all data security incidents, currently accounting for 58 percent of the breaches.

ConsumerConnect learnt the experts discovered insider risk could vary in nature and are not necessarily inherently malicious.

As such, they can begin with an employee skipping proper security practices or being simply untrained to work in the digital environment, report said.

In other cases, the cause of the threat might be more insidious. A research by Beyond Identity showed 56 percent of workers admiting to using remaining account access to harm their ex-employer, with the value skyrocketing to 70% among laid off employees.

As a result, 27 percent said they used account access to get their hands on company ideas while 24 percent used their credentials to access financial information, passwords, and process-related documents, CyberNews report stated.

Chris Waynforth, AVP Northern Europe at Imperva, said: “Insider threats are hard to detect because internal users have legitimate access to critical systems, making them invisible to traditional security solutions like firewalls and intrusion detection systems. “The lack of visibility into insider threats is creating a significant risk to the security of organisation’s data.”

Despite those developments, Imperva’s research demonstrates that 31% of companies still don’t consider insider threats to pose a considerable risk, report said.

Alarmingly, 70 percent of organisations located in the Europe, Middle East and Africa (EMEA) region aren’t prepared for such threats.

Report further showed that most of the respondents cited lack of budget (39%) and internal expertise (38%) as the main reasons for the lack of focus on insider threats. Others suggested that the lack of executive sponsorship causes such attitudes (33%.)

Waynforth also stated: “It is imperative that organisations add insider risk to their overall data protection strategy.

“An effective insider threat detection system needs to be diverse, combining several tools to not only monitor insider behaviour, but also filter through the large number of alerts and eliminate false positives.

“Also, as protection of a company’s intellectual property begins at the data layer, a comprehensive data protection plan must include a security tool that protects the data layer.”

Kindly Share This Story


Kindly share this story