All organisations are vulnerable to insider abuse, errors and malicious attacks. These can affect reputation, operations and profitability, and expose data, harm the organisation and deliver valuable intellectual property into competitors’ hands.
Insiders can be current or former employees, contractors, or other business partners who have been granted authorised access to networks, systems or data. All of them can bypass security measures through legitimate means.
New report highlights the state of insider threats
According to the 2016 Insider Threat Report, organisations are most concerned about the following insider threats:
- Inadvertent data breach/leak (71%), e.g. a careless user causing an accidental breach.
- Negligent data breach (68%), e.g. a user wilfully ignoring policies, but not malicious.
- Malicious data breach (61%), e.g. a user wilfully causing harm.
Privileged IT users, such as administrators who have access to sensitive information, pose the biggest insider threat (60%), closely followed by contractors and consultants (57%).
The report also highlighted the IT assets that are most vulnerable to insider attacks:
- Databases (57%)
- File servers (55%)
- Mobile devices (44%)
Along with the data most vulnerable to insider attacks:
- Customer data (63%)
- Sensitive financial data (55%)
- Intellectual property (54%)
Why are insider threats increasing?
The report highlighted the main reasons why insider threats are rising:
- Lack of employee training/awareness (62%)
- Insufficient data protection strategies or solutions (57%)
- Increasing number of devices with access to sensitive data (54%)
What can you do to prevent an insider attack?
74% of organisations feel vulnerable to insider threats – a 7% increase on 2015’s survey results – and only 42% of organisations feel they have the appropriate controls in place to prevent an insider attack.
Alan Calder, founder and executive chairman of IT Governance, says: “Insider threat is a big part of the information security challenge that organisations face. In most cases, mistakes will be made unintentionally, but the underlying message is that in order to prevent these from happening, companies must educate staff, enforce effective policies and procedures, and manage access control.
“ISO 27001 should be the default standard that organisations turn to when addressing insider threat and other issues, and adopting an integrated approach to people, process and technology.”
Build a defence programme against insider threats
October’s book of the month – the most in-depth guide on the market – is the ideal resource for anyone looking to learn how a security culture based on international best practice can help mitigate the insider threat to your organisation’s security.
Insider Threat – A Guide to Understanding, Detecting, and Defending Against the Enemy from Within looks beyond perimeter protection tools and details how to build a defence programme using security controls from the international standards ISO 27001 and ISO 27002, and NIST SP 800-53.
This indispensable guide details:
- The common characteristics of insider threat victims;
- The typical stages of a malicious attack;
- The steps you can take to implement a successful insider threat programme; and
- How to build a three-tier security culture, encompassing artefacts, values and shared assumptions.
Alternatively, you may be interested in our Security Awareness Programme. This combines a learning needs assessment with the deployment of a bespoke programme supported by a range of awareness interventions. These interventions can be customised and delivered through different media, channels and formats to ensure a better fit with your organisation’s needs, culture and values.