Clearswift Insider Threat Index 2018
- Organisations report that 38% of IT security incidents occur as a direct result of their employees' actions, and 75% originate from their extended enterprise (employees, customers, suppliers)
- Ex-employees are responsible for 13% of cybersecurity incidents
Theale (UK) 19th July, 2017 – New research by data security company, Clearswift, has shown that year on year cybersecurity incidents from those within the organization, as a percentage of all incidents, have fallen in the UK and Germany, two countries currently now under the ruling of GDPR. However, in the United States, a country outside of the direct jurisdiction, threats are on the rise.
The research surveyed 400 senior IT decision makers in organizations of more than 1,000 employees across the UK, Germany, and the US. The data has revealed that when looking at the true insider threat, which takes into account inadvertent and malicious threats from the extended enterprise – employees, customers, suppliers, and ex-employees – this number sits at 65% in the UK, down from 73% in 2017. Similarly, senior IT decision makers in Germany also saw a drop to 75%, down from 80% the previous year. US respondents actually saw a rise in the insider threat of up to 80%, a number rising from 72% in 2017.
Direct threats from an employee within the business - inadvertent or malicious – now make up 38%, of incidents. This has halted the rising threat evident in 2017 and 2015 showing 42% and 39% respectively. Threats from ex-employees account for 13% of all cyber security incidents, highlighting a clear need for better processes when employees part ways.
“Although there’s a slight decrease in numbers in the EMEA region, the results once again highlight the insider threat as being the chief source of cybersecurity incidents. Three-quarters of incidents are still coming from within the business and its extended enterprise, far greater than the threat from external hackers. Businesses need to shift the focus inwards”, said Dr Guy Bunker, SVP Products at Clearswift.
“I think at the very least what GDPR has done is ensure firms have a better view of where critical data sits within their business and highlighted to employees that data security is an issue that is now of critical importance, which may be why we’ve seen a drop in the insider threat across EU countries. If a firm understands where the critical information within the business is held and how it is flowing in and out of the network, then it is best placed to manage and protect it from the multitude of threat vectors we’re seeing today.”
Although internal threats pose the biggest threat to most organizations, employers believe that the majority (62%) of incidents are accidental or inadvertent rather than deliberate in intent; a number that is slightly down on 2017 (65%).
The insider threat was slightly less for companies with over 3,000 employees (36%), as opposed to those with between 1,000 – 3,000 employees. This is a possible indication of more robust internal processes and checkpoints at larger businesses.
Bunker added, “Organisations need to have a process for tracking the flow of information in the business and have a clear view on who is accessing it and when. Businesses need to also ensure that employees ‘buy into’ the idea that data security is now a critical issue for the business. Educating them on the value of data, on different forms of data, what is shareable and what's not, is crucial to a successful cybersecurity strategy.
“Having said that, mistakes can still happen and technology can act as both the first and last line of defense. In particular, Adaptive Data Loss Prevention solutions can automatically remove sensitive data and malicious content as it passes through a company network.”
Notes to editors:
This research was conducted by technology research firm, Vanson Bourne, on behalf of Clearswift.
400 senior IT decision makers in organizations of more than 1,000 employees across the UK, Germany, and the US were polled.
2017 data was conducted by technology research firm, Vanson Bourne, on behalf of Clearswift. Over 600 business decision makers and 1,200 employees from the UK, US, Germany, and Australia were polled to map the attitudes of businesses and employees relating to cybersecurity.
2015 Data was conducted by research firm Loudhouse. Clearswift polled over 500 IT decision makers and 4,000 employees internationally to assess views on security from both the decision-maker level and those who are expected to comply.
For further information or to arrange a briefing please contact:
Clearswift is trusted by organizations globally to protect critical information, giving them the freedom to securely collaborate and drive business growth. Its unique technology supports a straightforward and ‘adaptive’ data loss prevention solution, avoiding the risk of business interruption and enabling organizations to have 100% visibility of their critical information 100% of the time. As a global organization, Clearswift is headquartered in the United Kingdom, with offices in the United States, Germany, Australia and Japan and an extensive partner network across the globe.