2017 was a big year for cyber attacks. Yahoo, Equifax, and Deloitte were all targeted by massive attacks, WannaCry and NotPetya crippled organizations across the globe, and the number of phishing, ransomware, and point-of-sale (POS) breaches all soared. If your only exposure to cyber crime was through the news, you’d think external threats were the be-all and end-all of cyber crime.
But before organizations spend their entire cyber security budgets on preventing external attacks, it’s worth remembering that internal actors also play a major role in data breaches.
In a 2017 study by the SANS Institute, 43% of respondents said that malicious insiders were their biggest concern.
When asked to rank attack vectors according to the amount of damage they could cause, only 23% said external actors. By contrast, 36% said negligent employees and 40% said malicious insiders.
Even though 62% of respondents said they had never experienced an insider attack, the study’s author, Eric Cole, said this was probably because few organizations are able to spot an insider incident when it occurs. The study appears to support this, with 38% of respondents saying that the systems and methods they use to monitor insider activity are ineffective.
Only 18% of respondents said they had a formal incident response plan that covers insider attacks.
Preparing for insiders
It’s nearly impossible to prevent malicious actors. Almost anyone in your organization could be a risk, and if a disgruntled employee wants to cause damage badly enough, they’ll find a way. Accidental breaches are even harder to stop, because employees inevitably make occasional mistakes.
However, organizations can mitigate the risk of breaches by implementing security policies for employees to follow, such as access controls that limit the information any one employee can view to what their role requires.
Employees should also be given staff awareness training to remind them of their information security responsibilities and the organization’s regulatory and compliance requirements.
Making sure your employees know about these requirements can be time-consuming and costly, so we’ve created the Information Security Staff Awareness E-learning Course. It’s designed to help employees better understand information security risks and awareness policies and procedures.
By enrolling your staff on this course, you can reduce the likelihood of insider error and be sure that your information assets are better protected.