Why employee training matters: Negligent users are top insider threat

November 21, 2017

Access is a crucial concept behind any successful firm – access to clients, to suppliers, to services and to data.

As such, controlling who has access to places and data pivotal to the functioning of your business should be one of your top priorities. The level of access granted to various employees, depending on their seniority and involvement in a given process, is a serious consideration given that the insider threat was perceived as one of the main security risks companies faced in 2016.

Security breaches are tremendously expensive: they require significant time, resources, and money in order to mitigate their devastating effects. It’s no wonder then that companies care so much about potential sources of data breaches – and insider threats are among the biggest worries.

According to a 2016 insider threat report, 74% of companies admit that they feel vulnerable to insider threats, and only 42% – less than half – believe they have appropriate security countermeasures in place. Inadvertent data breaches top the list of the most serious insider threats, cited by 71% of firms, while 68% are concerned about negligent data breaches.

Users with privileged access, such as managers, are identified as the most important source of insider threats for 60% of companies surveyed, yet over 50% worry about regular employees too.

As their name implies, insider threats originate with an organisation’s insiders, whereby current or past employees, business partners, contractors, board members, officers or third-party service providers are granted legitimate access privileges and use them to compromise the confidentiality, integrity or availability of the organisation’s data.

Intentional, compromised and accidental breaches

Insider threats are categorised into three broader types: intentional (perpetrated deliberately by individuals who usually seek personal gain or commit espionage), compromised (when a hacker takes advantage of an authorised insider’s accidental activities to launch a malware attack or gain unauthorised access to the organisation’s networks, systems and data), and accidental (which occur when people inadvertently expose sensitive data, including credentials, often in the context of their work).

Perhaps surprisingly, accidental insider threats are the most common cause of cybersecurity breaches. According to the 2016 Cost of Data Breach Study by the Ponemon Institute, out of 874 security breaches reported by companies, 85 were caused by outsiders gaining unauthorised access by exploiting stolen credentials, and 191 by malicious employees and cybercriminals – and an astonishing 568 were due to negligent employees or contractors.

With regard to physical access, employees who have privileged access rights to designated facilities and laboratories and are careless in how they use them are often the source of security incidents.

So it’s vital to educate your employees about incorporating basic security practices into their daily routine to reduce the risk of breaches as much as possible.

It’s not enough just to limit user access and the number of privileged users to those absolutely essential. You also need to make sure that those who do have physical or cyber access understand the role they have to play and the potential effects of their negligence.

A combination of periodic training, test runs and clearly delineated cybersecurity standards as part of your corporate culture can truly go a long way towards preventing carelessness among employees and reducing the risk of breaches.
