Every business faces the possibility of external attacks, but the real threat could be buried within, in the form of the disgruntled employee, says Dan Raywood.
The biggest difference between insider and external threats is that while businesses are often equipped to deal with the latter, they tend to be left wanting when it comes to monitoring and detecting unusual or suspicious employee behaviour.
In a recent poll of 300 IT decision-makers, Clearswift found that 83 per cent had experienced a data security incident in the past year. Interestingly, 58 per cent of these respondents believed an insider was the culprit, while seven per cent laid the blame at the door of former employees.
“Look at the statistics on data loss – only seven per cent of it comes from misuse, which could be someone doing something they shouldn’t, or theft,” says Chris Cheyne, senior consultant on cyber security at the merchant bank and operational risk business Salamanca Group. He adds: “It is not always about volume. The reality is that, while an opportunist might hack into your network and pull data, which he or she will analyse later and try and sell [if they deem it valuable], the insider has access to what they already know is high-value information.”