The number of High Court cases involving employees stealing confidential data has increased by 25 per cent in a year, according to new figures. David Emm, Principal Security Researcher at Kaspersky Lab commented below.
David Emm, Principal Security Researcher at Kaspersky Lab:
The insider threat represents one of the greatest challenges to businesses trying to stave off a constant barrage of cyberattacks. Research by Kaspersky Lab and B2B International reveals that 28 per cent of all cyberattacks and 38 per cent of targeted attacks now involve malicious activity by insiders.
Employees rank at the very top of the list of threats to data and systems. Their motivations are often hard to predict and anticipate, ranging from a desire for financial gain to disaffection, coercion and simple carelessness. When insider-assisted attacks do occur, the impact of such attacks can be devastating as they provide a direct route to the most valuable information – customer data.
Here are a few steps organisations can take to help identify and protect against insider threats:
- Educate your staff about responsible cyber-security behaviour and the dangers to look out for, and introduce robust policies about the use of business email addresses.
- Use threat intelligence services to understand why cybercriminals might be looking at your company and to find out if someone is offering an insider “service” in your organisation.
- Restrict access to the most sensitive information and systems.
- Perform regular security audits of the company’s IT infrastructure.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.