Insider Threat: 74% of security incidents come from the extended enterprise, not hacking groups

Clearswift Insider Threat Index 2017

  • Organizations report that 42% of IT security incidents occur as a result of their employees actions, and 74% originate from their extended enterprise (employees, customers, suppliers)
  • Finance (58%), HR (52%) and legal teams (47%) still seen as biggest custodians of critical data
  • 40% of businesses have seen the frequency of security incidents rise since 2015
  • Hacker threat down from 33% in 2015 to 26% in 2017
Posted on September 22, 2017

Theale (UK) 22 September, 2017. New research by leading data security company, Clearswift, has shown that year on year cybersecurity incidents, particularly insider threats; continue to rise, but that companies are able to spot suspicious activity significantly quicker than two years previous.

The research, which surveyed 600 senior business decision makers and 1,200 employees across the UK, US, Germany and Australia, has revealed that threats from an employee - inadvertent or malicious - make up 42% of incidents, a number that has increased from 2015 when 39% of incidents originated from inside an organization’s network.

When looking at the extended enterprise – employees, customers, suppliers, and ex-employees – this number reaches 74%, compared to 26% of attacks from parties unknown to the organization. In 2015, 33% of attacks were carried out by unknown parties, so this proportion is falling, which may seem surprising given the recent swathe of high profile attacks, such as WannaCry, which affected over 230,000 computers.

While it is more likely that an incident will occur internally, large-scale external threats are more likely to encourage companies to add cybersecurity to the boardroom agenda, with 29% of UK businesses now adding cybersecurity to the boardroom agenda following the high profile attacks in recent months.

Although internal threats pose the biggest threat to most organizations, employers believe that the majority (65%) of incidents are accidental or inadvertent rather than deliberate in intent; this remains unchanged over the past three years and highlights a critical need for better security education within most organizations. This is particularly relevant, as most businesses believe their critical data predominantly lies in non-technical departments, such as finance (55%), HR (45%) and legal or compliance (43%).

Dr Guy Bunker, SVP Products at Clearswift, said: “As GDPR approaches, every department in a business will need to recognize the potential security dangers associated with the data they use. Businesses may fall victim to the frenzy around high profile attacks and organizations may be quick to look at threats outside the business but, in reality, the danger exists closer to home. The blurring lines between personal and work-based technologies has led to an unabated rise in the insider threat.

“A reactive policy of blocking technologies may prove futile as users will inevitably find a workaround. Educating employees about how to safeguard critical information, motivating employees to care more about the ramifications of a breach, and increasing investment in Data Loss Prevention (DLP) tools are the biggest priorities needed to minimize the risk of internal security breaches.

“Being a responsible data citizen will also require organizations to look at the way in which partners or suppliers hold and share information, as breaches within the extended enterprise could also lead to heavy fines for the originating business.”

40% of organizations state that they have seen the frequency of security incidents increase in the last 12 months, however, the increase is happening at a slower rate than the previous two years. Despite the risks, organizations are becoming quicker at spotting incidents on the network, with more than half (52%) spotting an issue within an hour, compared to only a third (34%) two years ago.

******

 

Notes to editors:

This research was conducted by technology research firm, Vanson Bourne, on behalf of Clearswift. Over 600 business decision makers and 1,200 employees from the UK, US, Germany and Australia were polled to map the attitudes of businesses and employees relating to cybersecurity.

About Clearswift:

Clearswift’s content-aware, policy based solutions enables defense, government, healthcare and financial services organizations across the globe to manage and maintain no-compromise data, email, cloud and web security.

US
MRB Public Relations
+1 732 758 1100
[email protected]

EMEA
C8 Consulting
+44 118 334 0220
[email protected]

Recent News
January 12, 2023

In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup share their 2023 cybersecurity predictions.

September 2, 2022

MINNEAPOLIS (September 1, 2022)—Fortra announced today the acquisition of Outflank, a well-regarded IT security leader with de

July 21, 2022

Fortra employee, Ciaran Rafferty shares his thoughts on everything from cybersecurity trends to the future of email security in this interview with Intelligent CIO. 

April 12, 2022

MINNEAPOLIS —April 8, 2022—Fortra announced today the acquisition of Terranova Security, a leader in global phishing simulation and security awareness t

March 9, 2022

Managed detection and response (MDR) forms new cornerstone of Fortra's cybersecurity portfolio