Some 40% of businesses believe they’ll suffer an insider breach in the next 12 months, with many more claiming their company doesn’t do enough to raise awareness of cyber threats, according to Clearswift.
The DLP firm polled 500 IT decision makers and 4,000 employees in the US, UK, Germany and Australia to compile its 2015 Clearswift Insider Threat Index.
It revealed that, aside from the plurality who believe they’ll suffer an insider breach soon, 75% of employees don’t think their organization provides enough info on data protection policies.
A further 58% don’t have enough understanding of what a security threat might look like while half said they ignore data policies at work to get their jobs done.
The data chimes with other findings from the research already reported including the fact that a quarter of employees would be happy to sell critical company data for as little as £5,000.
It also emerged from this research that HR and finance staff members are regarded as the biggest threat to data security as they run the risk of sending sensitive information to the wrong people or accidentally downloading malware onto machines.
The insider threat has been highlighted many times before. Pwc’s 2015 Information Security Breaches Survey claimed that 10% of UK breaches were down to malicious staff members or contractors, while 26% was down to accidental abuse by these employees.
That’s the highest single cause of breaches listed in the survey, above third party suppliers (18%) and organized crime (23%).
The problem for CISOs is that mitigating the insider data security risk is difficult, and requires attention to people, process and technology.
Clearswift SVP of products, Guy Bunker, argued that it can be tricky persuading the board of the need for greater investment in data loss prevention because of ‘FUD’ (fear, uncertainty and doubt).
This article has been extracted from http://www.infosecurity-magazine.com, please click on this link to read the article in full http://www.infosecurity-magazine.com/news/insider-breaches-40-of-firms-think/
Montash is a multi-award winning global technology recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:
ERP Recruitment, BI & Data Recruitment, Information Security Recruitment, Enterprise Architecture & Strategy Recruitment, Energy Technology Recruitment, Demand IT and Business Engagement Recruitment, Digital and E-commerce Recruitment, Leadership Talent, Infrastructure and Service Delivery Recruitment, Project and Programme Delivery Recruitment.
Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.