New Research Shows Security Threats from Insiders Exploding but Businesses Aren’t Ready to Accept It | Press Release

New Research Shows Security Threats from Insiders Exploding but Businesses Aren’t Ready to Accept It

  • Poll of over 500 IT decision makers and 4,000 employees
  • Nearly 75% of security breaches come from within a business’s own network
  • 28% think board level executives don’t see internal threats as issue until attack
  • Ongoing lack of critical awareness and understanding towards impact of neglecting security
Posted on March 15, 2015

18 March 2015 – New research from Clearswift, the global data loss prevention company, has uncovered a dramatic rise in security threats directly caused by individuals inside organisations. A staggering 88% of businesses polled internationally have experienced an IT or security incident in the last 12 months, with 73% of those attributed to their employees, ex-employees, contractors and partners (known as the extended enterprise), compared to last year’s figure of 58%. This shows that businesses face growing threats from within.

Clearswift polled over 500 IT decision makers and 4,000 employees internationally to assess views on security from both the decision-maker level and those who are expected to comply. 

70% of respondents believe that high-profile security stories such as the Edward Snowden scandal and the Sony Pictures data breach have forced internal security threats up the corporate agenda, but only 28% think that internal breaches are treated with the same level of importance as external threats by the board. 14% go as far to say that until their organisation has a serious data breach that was caused by an internal actor; it will never be taken as seriously as the threat of external hackers. 

Simple lack of awareness and understanding of data security threats was the most commonly perceived factor contributing to the rise of internal threats (58%). Other issues raised were the use of forbidden apps, personal devices that do not adhere to IT policies, and a general contempt for following protocol.
Because insider threats are generally not malicious, they present a greater concern than planned attacks for businesses, as around half of employees would be perceived as being capable of causing a breach by accident. To prevent these easily-caused and potentially damaging incidents, it is vital for a business to deploy both the tools and policies to minimise the risk of accidents occurring.

Guy Bunker, SVP Products at Clearswift comments: “Many businesses are still struggling to accept that one of their biggest security risks could come from people they employ in their organisation. High-profile attacks, such as the Sony Pictures data breach are helping to shed light on these occurrences, but many people don’t realise that this was how the attack began and wouldn’t liken the situation to their own business ... unless of course it does happen to them. Organisations need to be prepared for both accidental and malicious data loss and ensure that adaptive prevention methods are put in place to stop them at the root – before they can even leave an individual’s computer or device.”

About Clearswift

Clearswift’s content-aware, policy based solutions enables defense, government, healthcare and financial services organizations across the globe to manage and maintain no-compromise data, email, cloud and web security.

MRB Public Relations
+1 732 758 1100
[email protected]

C8 Consulting
+44 118 334 0220
[email protected]

Recent News
January 12, 2023

In this IT Security Wire article, cybersecurity experts Eric George and Tom Gorup share their 2023 cybersecurity predictions.

September 2, 2022

MINNEAPOLIS (September 1, 2022)—Fortra announced today the acquisition of Outflank, a well-regarded IT security leader with de

July 21, 2022

Fortra employee, Ciaran Rafferty shares his thoughts on everything from cybersecurity trends to the future of email security in this interview with Intelligent CIO. 

April 12, 2022

MINNEAPOLIS —April 8, 2022—Fortra announced today the acquisition of Terranova Security, a leader in global phishing simulation and security awareness t

March 9, 2022

Managed detection and response (MDR) forms new cornerstone of Fortra's cybersecurity portfolio