A newly released report revealed that 94 percent of organizations suffered an insider data breach in the last 12 months. The report, Egress' "Insider Data Breach Survey 2021," surveyed 500 IT leaders and 3,000 employees in the United States and the United Kingdom across vertical sectors, including financial services, health care and legal.
"Insider threats are a significant potential issue faced by organizations around the globe and include threats stemming from malicious intent, human error and falling victim to phishing scams," said Amit Sharma, a security engineer at Synopsys Software Integrity Group.
"Many insider threats are born out of negligence rather than malicious intent."
The report indicated that human error was the leading cause of serious insider data breaches, with 84 percent of organizations experiencing security incidents caused by mistakes. However, malicious insiders were IT leaders' biggest worry, indicated by 28 percent of them; 74 percent of organizations were breached because of employees breaking security rules, and 73 percent suffered breaches caused by phishing.
"The human factor plays an important role, by which unaware employees make for a good phishing attack target," said Sharma. "There may also be instances involving accidental deletion of data without proper backups, incorrect access and privileges being granted regarding sensitive data, purposely pushing vulnerable code to production due to time and demand pressure, among others. There have also been instances where disgruntled or former employees have intentionally leaked sensitive data for financial gain, with the aim of tarnishing the brand, or for competitive advantage."
To manage such scenarios, according to Sharma, policies should be enacted to minimize the impact and success of insider threats. First, this involves managing privileges and permissions. A policy of least privilege should grant an employee or contractor only enough access to data to complete their role. Regular monitoring should also be put in place to identify potentially risky behavior.
In addition, employee security awareness training, phishing training campaigns, and password and data protection management policies are practices that strengthen an organization's security posture, Sharma said. Keeping employees acquainted with their data security obligations on a regular basis keeps security risk top of mind. Employees, contractors and partners should have the tools and information on hand to stay vigilant.
"And the 'what if' must also be accounted for," said Sharma. "What if an insider attack does take place? Does your organization have an incident response plan accounting for such scenarios? Be prepared for the worst so you can act quickly and effectively in order to disclose the event and minimize its impact on your business and customers."