SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Insider threat report reveals deception in the workforce
Wed, 21st Oct 2020
FYI, this story is more than a year old

When it comes to imagining threats to enterprise cybersecurity, it is easier to conjure up ideas of malicious third parties plotting to infiltrate an organisation. But a considerable amount of data leakage has been caused by insider threats in recent years.

Insider threats come from people inside an enterprise, whether they divulge proprietary information with nefarious intentions, or are just careless employees that unwittingly share sensitive data.

A recent insider threat report provides an analysis of the current state of insider threats within organisations across various industries, as well as how enterprises are addressing them and preventing data leakage.

The study surveyed IT and security professionals about the subject. The results contained valuable information, painting a full picture of just how safe organisations really are from insider threats, the measures they are willing to take in order to remediate them, and the unfortunate price that many pay when they lack proper security.

The cost of poor security

Over 32% of the study's survey respondents said that the average cost of a single insider attack falls between US$100,000 and $2 million.

While the former may seem negligible, the costs can still add up quickly if there are multiple incidences. Moreover, some costs associated with suffering an insider attack are less concrete and evident than others. For example, the negative implications for brand reputation often result in the loss of current and prospective customers.

Additionally, prolonged disruption to business operations is another type of collateral damage that organisations experience after insider attacks, as 38% of survey participants attested to.

While larger enterprises might overlook this statistic, recent global events demonstrate the ramifications of business operations coming to a halt. Unfortunately, among those surveyed, over 61% reported at least one insider attack at their enterprise in the past 12 months.

These are some of the reasons why organisations need to prioritise comprehensive security solutions that uphold business continuity and performance. Organisations that deploy the right security tools proactively can save themselves from a host of setbacks that are commonly associated with insider attacks.

This study was just the tip of the iceberg when it comes to the increasing risks of insider attacks. To ensure an organisation is able to circumvent insider attacks, it would pay to seek further information and to take appropriate precautions to ensure that relevant staff are aware of the risks.