ONE IN 50 WORKERS SUSPECTED OF BEING A MALICIOUS INSIDER SURVEY FINDS
As many as one in fifty employees could be a malicious insider, according to a new report examining the threat. A survey of IT professionals by Imperva found that more than a third of companies have experienced security incidents involving malicious insiders in the last year.
36 per cent said such incidents had occurred in the last 12 months, and the respondents believed as much as two per cent of the workforce to consist of malicious employees.
One company in the report said it had been forced to shut down for three weeks after an attack against its network. Another had its online banking system hacked in a phishing scam.
In one report case, an employee forgot to log out of their company computer and a malicious insider used it to delete the business’s files.
As well as malicious insiders, 12 per cent of companies had suffered incidents due to careless employees, and 21 per cent of those surveyed agreed that their firms are full of “data dummies” that inappropriately access or misuse their businesses’ data.
They reported incidents of employees sharing confidential documents with the wrong people via email and infecting networks with malware after visiting illicit websites.
“Our study shows that the insider threat is real and reinforces the fact that the biggest threat to enterprise security is the people already on the payroll,” said Imperva chief strategist Terry Ray. “The unfortunate reality is that insiders can do far more damage than external attackers because they have legitimate access and vast opportunity.
“To mitigate the risk, enterprises should ask themselves where sensitive data lives, and try to invest more money in protecting that, instead of wasting budget solely building ‘higher’ and more advanced firewalls.
“Detecting insider threats requires combining a set of technologies and techniques.
“The basis for good detection is proper monitoring of all data access activity. On top of that, there should be anomaly detection based on behaviour analysis that can detect abusive access patterns or abnormal extraction patterns.”