New research has revealed that 94% of organisations have experienced insider data breaches in the last year. Additionally,
- Human error was the top cause of serious incidents, according to 84% of IT leaders surveyed;
- Almost three-quarters (74%) of organisations have been breached because of employees breaking security rules;
- 73% have been the victim of phishing attacks.

Insider threats are a significant potential issue faced by organisations around the globe and include threats stemming from malicious intent, human error, and falling victim to phishing scams. Many insider threats are born out of negligence rather than malicious intent. The human factor plays an important role, as unaware employees make good phishing targets. There may also be instances of data being accidentally deleted without proper backups, incorrect access or privileges being granted to sensitive data, vulnerable code being purposely pushed to production due to time or demand pressure, etc.

There have also been instances where disgruntled or former employees have intentionally leaked sensitive data for financial gain, with the aim of tarnishing the brand, or for competitive advantage. To manage such scenarios, policies should be enacted to minimise the impact and success of insider threats. First and foremost, this involves managing privileges and permissions. The policy of least privilege should allow an employee or contractor only enough access to data to complete their job role. Regular monitoring should also be put in place to identify any potentially risky behaviour.

Employee security awareness training, phishing training campaigns, and password and data protection management policies are additional practices that will strengthen your organisation’s security posture. Keeping employees apprised of their data security obligations on a regular basis will keep security risk top of mind. Employees, contractors, partners, etc. should have the tools and information on hand to stay vigilant. And the ‘what if’ must also be accounted for. What if an insider attack does take place? Does your organisation have an incident response plan that accounts for such scenarios? Be prepared for the worst so that you can act quickly and effectively to disclose the event and minimise its impact on your business and customers.