Over Two Thirds Of Organisations Breached Due To Insider Threat

Code42 has released new research showing employees take more risks with data than employers think, leaving organisations open to insider threat.

Some key points:

  • Over two-thirds (69%) of organizations say they were breached due to an insider threat and confirm they had a prevention solution in place at the time of the breach.
  • Over three-quarters (78%) of information security leaders – including those with traditional data loss prevention (DLP) – believe that prevention strategies and solutions are not enough to stop insider threat.
  • Over three-quarters (78%) of CSOs and 65% of CEOs admit to clicking on a link they should not have, showing that no level of employee is immune to lapses in judgement
  • Nearly two-thirds (63%) of survey respondents admit to bringing data from past employers to their new jobs

HelpNetSecurity has covered the report here: https://www.helpnetsecurity.com/2019/10/07/insider-threat-risk/

Experts Comments

October 08, 2019
Peter Draper
Technical Director, EMEA
Gurucul
This research confirms what many already know. Point solutions are not cutting it anymore, especially for insider threats. A more comprehensive insider threat program is required. One which combines as many different data sources as possible across an organization and which can link behaviors from multiple feeds back to a single entity. Once this is done machine learning should be applied to identify anomalous and risky behavior and deliver the insight is a simple way with as much context as.....Read More
This research confirms what many already know. Point solutions are not cutting it anymore, especially for insider threats. A more comprehensive insider threat program is required. One which combines as many different data sources as possible across an organization and which can link behaviors from multiple feeds back to a single entity. Once this is done machine learning should be applied to identify anomalous and risky behavior and deliver the insight is a simple way with as much context as possible. Providing a correlated, risk prioritized view for analysts to respond to as well as integrating with other solutions via automation capabilities is one of the key ways to handle insider threat. Although let’s be clear insider threat is not just about deploying technology it’s about using that technology to drive processes and education.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts