The increased connectivity of people, devices, and organisations’, has created a complex security landscape, leaving enterprises vulnerable to cyber risk. But cybersecurity should not be limited to external threats, it should include internal risks as well.
Complex internal or insider risk is increasingly threatening organisations’ financial data, trade secrets, Personal Identifiable Information (PII) and employee safety. With 72% of employees willing to share sensitive, confidential or regulated company information, and 62% of users say they can access enterprise data they shouldn’t, it’s no wonder, 90% of organisations feel vulnerable to insider attacks.
Insider risk is one of the most prevalent cyber risks facing organisations—it is also one of the most underestimated. Unlike the cyber attacks that hit the news on a daily basis, companies like to keep their internal affairs of insider-caused and -facilitated losses quiet, unpublicised, and unshared. As a result, organisations aren’t aware how widespread this problem really is.
In 2016 we predicted the rise of the “insider”, and since then we have seen organisations severely impacted by employees, independent contractors, and others who have been given access to confidential company information by the company itself. In 2018, we expect and predict companies will continue to be plagued by insider threats and major attacks will continue to be prevalent.
When faced with insider threats and internal investigations, organisations must act fast-or risk possibly devastating consequences.
1.Crowd Research Partners. “2018 Insider Threat Report”. 2018.
2.Dell. “Dell End User Survey 2017”. 2017.
3.Crowd Research Partners. “2018 Insider Threat Report”. 2018.