Insider threats make up 74% of business cyber security incidents

Data suggests that security threats are predominantly coming from within companies not from external hackers.

According to a survey undertaken by Vanson Bourne on behalf of a data security company called Clearswift, insider threats are a much larger risk to cyber security than external hackers, around 74% of cyber incidents are taking place internally within businesses. This survey was in response to around 600 senior business decision makers and around 1,200 employees from around the world, there was a notable focus on businesses in the UK, US, Germany and Australia.

Around three quarters of businesses when quizzed about cyber security encountered by them, it was found these threats episodes are growingly coming from companies internally rather than from hackers trying to breach their firewalls and defences. Interestingly the study undertaken found that around 42% of threats irrespective if they were unintentional or malicious actually came from employees internally.

The data gathered does advocate a much more serious need for businesses and their employees to have a greater need of education on security.

Even though threats from internal sources have risen from the 39% in 2015, the number of attacks from outside parties has lessened from 33% in 2015 to 26% currently.

29% of UK businesses are now carrying out cyber security into their boardroom agendas which is great news, this is despite the fall in outside attacks. Maybe this could be to do with recent attacks on businesses from hackers as seen with the extensive spread of WananCry ransomware attacks..

There are steps businesses can take to mitigate cyber threats, both internal and external. Learn more in Kaspersky’s free whitepaper, ‘Fighting ransomware on workstations and servers alike’.

Download now

Not surprising that Dr. Guy Bunker, SVP of products at Clearswift is very much advising education employees and to invest in data loss prevention to help minimise internal security risks.

“Businesses may fall victim to the frenzy around high profile attacks and organisations may be quick to look at threats outside the business but, in reality, the danger exists closer to home. The blurring lines between personal and work-based technologies has led to an unabated rise in the insider threat,” he said.

Even though 40% of businesses are claiming there has been an increase in the regularity of security incidents, despite a slower rate than previously recorded, businesses are noticing these incidents far more quickly than before, around half of businesses are detecting an issue within an hour.