
IT leaders fear data breaches are an 'inside job'

Insider data breaches caused by employees are a major concern for the majority of IT leaders, with new research from Egress showing 97% of IT leaders fear employees compromise information. 

Egress, a provider of human layer data security solutions, launched its latest Insider Breach 2020 research, which looks at the causes and impacts of internal security breach incidents and IT leaders’ and employees’ viewpoints about data risk, responsibility and ownership.

The survey reveals that 78% of IT leaders think employees have put data at risk accidentally in the last 12 months and 75% think employees have put data at risk intentionally. When asked about the implications of these breaches, 41% say financial damage would be the area of greatest impact.

This second annual survey looks at the causes, frequency and implications of internal security breach incidents and the perspectives of IT leaders and employees about data risk, responsibility and ownership. Conducted by independent research organisation Opinion Matters in January 2020, it surveyed more than 500 IT leaders and 5000 employees across the UK, US and Benelux regions.

The results uncovered serious discrepancies between IT leaders’ perceptions of insider breach risk and causes, and how they are managing them. They also exposed that employees are still confused about data ownership and responsibility.

Asked what traditional security tools they have in place to mitigate insider breach risk, just half of IT leaders said they are using anti-virus software to combat phishing attacks, 48% are using email encryption and 47% provide secure collaboration tools.  More than half (58%) say employee reporting is more likely than any breach detection system to alert them to an insider data breach.

Egress CEO, Tony Pepper, believes the findings show how IT leaders are resigned to the inevitability of insider breaches and don’t have adequate risk management in place.

“While they acknowledge the sustained risk of insider data breaches, bizarrely IT leaders have not adopted new strategies or technologies to mitigate the risk. Effectively, they are adopting a risk posture in which at least one-third of employees putting data at risk is deemed acceptable,” he says.

“The severe penalties for data breaches mean IT leaders must action better risk management strategies, using advanced tools to prevent insider data breaches. They also need better visibility of risk vectors; relying on employees to report incidents is not an acceptable data protection strategy.”

Misdirected and phishing emails are the top cause of accidental insider data breaches

Forty-one percent of employees who had accidentally leaked data said they had done so because of a phishing email. Thirty-one percent said they caused a breach by sending information to the wrong person, for example, by email. This is underlined by the fact that 45% said they had received an Outlook recall message or an email asking them to disregard an email sent in error over the last year.

“Incidents of people accidentally sharing data with incorrect recipients have existed for as long as they’ve had access to email,” says Pepper.

"As a fundamental communication tool, organisations and security teams have weighed the advantages of efficiency against data security considerations, and frequently compromise on the latter. However, we are in an unprecedented time of technological development, where tools built using contextual machine learning can combat common issues, such as misdirected emails, the wrong attachments being added to communications, auto-complete mistakes, and employees not using encryption tools correctly," he explains.

“Organisations need to tune into these advances to truly be able to make email safe.”

Erroneous employee views on data ownership

The survey also showed that employee misconceptions over data ownership have a negative impact on information security. The employee-facing research found 29% of respondents said they or a colleague had intentionally shared data against company policy in the past year. A worrying 46% said they or a colleague had broken company policy when they took data with them to a new job, while more than a quarter (26%) said they had taken a risk when sharing data because they weren’t provided with the right security tools.

"This reckless approach to data protection may be explained by employees’ views on data ownership and responsibility," says Pepper. The report shows 41% of the employees surveyed don’t believe that data belongs exclusively to the organisation and only 37% recognise that everyone has responsibility for keeping data safe.

“Employees want to own the data they create and work on, but don’t want the responsibility for keeping it safe. This is a toxic combination for data protection efforts. When you add their propensity to take data with them when they change jobs and willingness to take risks when sharing data, the scale of the challenge faced by security professionals is alarming,” Pepper says.

Directors disrespecting data

The survey also highlighted that the more senior the employee, the more cavalier their attitude towards data breaches. 78% of directors have intentionally shared data against company policy in the past year, compared with just 10% of clerical staff.

Directors are the most likely to take data with them to a new job – 68% of those who had intentionally broken policy had done so when they changed jobs, compared with the overall average of 46%.
