Insiders and third-party collaborators account for more than four out of 10 cyber-security incidents, a new report from Aite Group shows.
Insider threats evolve around intellectual property theft, IT sabotage, fraud and accidents as the result of human error.
Insiders and their third-party collaborators make up 44% of cyber-security incidents.
The biggest threat to a company’s cyber-security is outsiders (56%), but malicious insiders (17%) and inadvertent actors (5%) could result in the most damage, according to IBM research.
71% of incidents in the financial services sector were fraud cases, according to the CERT Division’s Insider Threat Center’s database for Management and Education of the Risk of Insider Threat. These cases primarily involved current (79%) and former employees (17%).
Of 191 cases in the financial services sector, 48% led to a loss of more than $100,000, and 18% lost more than $1 million, according to the CERT Division’s Insider Threat Center’s database for Management and Education of the Risk of Insider Threat.
49% of 191 incidents studied were detected by nontechnical means (such as a co-worker or client complaint), followed by an audit (41%) system failure (4%), information system (4%) and software (3%).
The biggest source of losses is from servers (31%), printed records (17%), email (14%), laptops (12%), Websites (9%), portable data storage devices (7%), desktops (4%), and telephones (3%) in an analysis of 551 cases by Advisen.
Insurance event data offers cyber-security insights to help prioritize initiatives and budgets. In an analysis of 707 cases, 70% were for loss or theft from a digital data breach, according to research from Advisen.
Insight into a company’s business to understand asset and confidential-information priorities and to identify and prioritize known threats must balance security with the business’ performance.
A layered approach to protection involves written policies and procedures, people screening and training, technological controls, process controls, employee assistance programs, company culture and law enforcement.
Insider protection lapses occur because of a lack of policy and procedure adherence. Upshot: Companies need to follow policies and procedures.
Information security training—keeping employees informed about the risks and elements of social engineering—is an ongoing task as cyber-security evolves rapidly.