Most companies are clueless when it comes to stopping insider threats
Employees often put their companies in harm's way
Most companies are failing to guard against internal threats in the same way they shield against external attackers, a new report from cybersecurity firm Imperva suggests.
There are numerous reasons for this behavior, from budget constraints, to the lack of in-house expertise. However, many companies are simply oblivious to the dangers posed by insider threats.
Imperva surveyed 464 security and IT professionals with responsibility for managing insider threats for their organization and found that 59% prioritize external threats over internal ones. However, the majority of incidents (59%) in EMEA over the last twelve months were caused by insiders.
We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time. Thank you for taking part.
Downplaying the threat
Drilling deeper into the reasons for downplaying insider threats, Imperva found that 39% of companies lack the necessary budget. Approximately the same percentage (38%) cited lack of internal expertise, while 29% said they didn’t see insiders as a “substantial threat”.
A third (33%) said they didn’t have executive sponsorship, and were thus indifferent to insider threats, while 70% said they didn’t have an insider risk management strategy. More than half (58%) lack a dedicated insider threat team.
An insider threat may sound ominous, but often there is no little malice involved on the part of the employee.
Sometimes, employees take sensitive data with them when moving onto a new position, believing the information will help them in their new position. However, doing so exposes their previous employer to a potential data breach.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
In other instances, workers act recklessly, taking away storage devices and other endpoints with sensitive data, without double-checking their contents. Others accidentally invite threat actors into the corporate network after falling for a phishing scam, leading to a malware infection.
Of all the major breaches that happened in the last five years, a quarter (24%) were caused by human error.
“It is imperative that organizations add insider risk to their overall data protection strategy. An effective insider threat detection system needs to be diverse, combining several tools to not only monitor insider behavior, but also filter through the large number of alerts and eliminate false positives,” said Chris Waynforth, AVP Northern Europe at Imperva.
“Also, as protection of a companies’ intellectual property begins at the data layer, a comprehensive data protection plan must include a security tool that protects the data layer.”
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.