Regardless of your security protocol, there will always be threats. One of the most often forgotten outlets for attacks comes from insider threats. Sometimes these threats may be from angry employees wanting to sink your business, but more often than not, those behind insider threats don’t have malicious intentions. Still, it’s best to cover your bases and ensure that your organization isn’t at risk from careless or negligent employees.
Insider threats are categorized as internal threats that are either malicious or negligent in nature, like irate employees, or those who just don’t care about security best practices. Regardless of why the insider threat is a threat, you should be aware of these enlightening statistics concerning security and insider threats.
Internal and External Threats: Reality vs Expectations
A study by Accenture and HfS Research claims that 69 percent of organizations have experienced the theft or destruction of data due to internal threats. This is compared to only 57 percent experiencing the same from external threats. These numbers are much different from their expectations, however; only 55 percent expect to become a victim of an internal threat, while 80 percent expect external threats to make trouble. The lesson: be prepared for anything, or you’ll be prepared for nothing.
Exposure of Sensitive Data to the End User
The Ponemon Institute issued a study claiming that 62 percent of users felt that they had access to data that they probably didn’t need access to. To resolve this problem, employers can implement a user-access control system that restricts access to certain information on a per-user basis. For example, your average employee has no business accessing financial records, salary information, and personally identifiable information (Social Security numbers, birth dates, addresses, etc.).
Reaction Time to Insider Threats
According to Ponemon, the reaction time to insider threats varied. Some organizations responded quickly, while others went months, or even years before finding out:
It’s a bit surprising that organizations have taken this long to find out about insider threats, but regardless, it’s proof that something needs to be done, sooner rather than later. Organizations need to have ways to keep track of who accesses what data, and how their data is handled.
The Ability to Respond to Insider Threats
SANS Institute reports that 31.9 percent of businesses have no way of fighting against insider threats, while 68.1 percent have tools to take the fight to them. It’s surprising that the numbers are so low, but perhaps it’s because administrators simply aren’t aware of the activity themselves.
How Effective Preventative Measures Are
According to SANS Institute, only 9 percent of organizations have techniques proven to prevent insider threats from becoming an issue. 42 percent have the tools, but they aren’t used. 36.4 percent are currently implementing processes to mitigate insider threats, while 2.3 percent simply aren’t concerned by them.
Mimecast suggests that 45 percent of companies claim that they’re ill-equipped to handle malicious insider threats involving email security, which is more than any of the other kind email threat. Therefore, businesses need to keep an eye on what enters and exits the infrastructure via email.
The Types of Insider Threats
According to Gartner, there are three types of insider threats. One, called a “second streamer” (someone who uses the data from one job to obtain revenue from another job) consists of 62 percent of insider threats. 29 percent of insider threats are from the “career launcher,” or someone who took information with them as they left a company, while only 9 percent of insider threats could be classified as sabotage.
If your business doesn’t know how to take the fight to insider threats, reach out to Network Management Services at (707) 268-8850.