- Insider threats are now seen as a greater risk than external attacks, report finds
- Nearly two -thirds of organizations faced file -related violations in the last two years, with average costs of $ 2.7 million
- 27% Use DLP tools to fight insider -risk but layered defense is still important
Insider cyber security threats – be it from malicious, dissatisfied employees or simply negligent individuals – is a greater concern than they have ever been, new research has claimed.
OPWAT – Ponemon State of File Security Report, which examined 612 IT and security practitioners in the United States, found almost half (45%) of the quoted quoted data leakage from insiders as the biggest threat to their security strategy.
This makes insider threats a larger item than external attacks, which were also confirmed by another state – almost two -thirds (61%) of respondents experienced a data violation or security incident involving unauthorized access to sensitive or confidential data in files within the last two years.
Prevention of data loss to rescue
For more than half of the respondents (54%), the offenses affected their bottom line.
The average cost of incidents was $ 2.7 million in the last two years, with two -thirds (66%) of the respondents who said the average costs of all incidents in the last two years were between $ 500,000 and more than $ 10 million.
The problem is aggravated only by limited visibility and control over how files have access to, shared and stored, the report explained further.
Many organizations apparently struggle to monitor file activity effectively and leave them exposed to unauthorized access. Despite the severity of the threat, only 40% of organizations reported the ability to detect and respond to file -based threats within a day or a week.
Ponemon says many organizations are now addressing data loss prevention (DLP) technologies to mitigate these risks.
The report states that more than a quarter (27%) of the respondents who have already been deployed DLP – primarily to tackle insider threats. These tools can help with file monitoring, enforcement of access to politics and marking of suspicious behavior.
The report also emphasizes that DLP alone will not suffice and that companies need a comprehensive file security strategy with layered defense.
Via Infosecurity Magazine
