When it comes to imagining threats to enterprise cyber security, it is easier to conjure up ideas of malicious third parties plotting to infiltrate an organisation. But a considerable amount of data leakage has been caused by insider threats in recent years, cautions Juan Lugo from Bitglass.
He says that insider threats come from people inside an enterprise, whether they divulge proprietary information with malevolent intentions, or are just careless employees that unwittingly share sensitive data.
“In my company’s recent insider threat report, we set out to uncover the current state of insider threats within organisations across various industries, as well as to learn how enterprises are addressing them and preventing data leakage.
So we partnered with a cyber security community to survey IT and security professionals about the subject. The results contained valuable information, painting a full picture of just how safe organisations really are from insider threats, the measures they are willing to take in order to remediate them, and the unfortunate price that many pay when they lack proper security.”
The cost of poor security
Over 32 percent of survey respondents said that the average cost of a single insider attack falls between $US100,000 and $US2 million.
While the former may seem negligible, the costs can still add up quickly if there are multiple incidences. Moreover, some costs associated with suffering an insider attack are less concrete and obvious than others. For example, the negative implications for brand reputation often result in the loss of current and prospective customers.
Additionally, disruption to business operations is another type of collateral damage that organisations experience after insider attacks, with 38 percent of survey participants attested to this.
While larger enterprises might overlook this statistic, recent global events demonstrate the ramifications of business operations coming to a halt. Unfortunately, among those surveyed, over 61 percent reported at least one insider attack at their enterprise in the past 12 months.
These are some of the reasons why organisations need to prioritise comprehensive security solutions that uphold business continuity and performance. So organisations that deploy the right security tools proactively save themselves from a host of setbacks that are commonly associated with insider attacks.
This is just a taste of my company was able to uncover in its most recent research. To learn more about how your organisation can circumvent insider attacks, it will pay organisations to seek further information.