Businesses should focus on the ‘accidental’ insider threat
Most insider data losses are accidents rather than malicious attacks.
The so-called insider threat is more likely to be an accident than a malicious attack, according to IDC research.
More than half (52 per cent) of organisations described their insider threat incidents as most likely to be accidental, according to a survey. Just the 19 per cent believed that incidents were mostly deliberate.
IDC warned companies against making malicious insider attacks their priority, as accidents could be more damaging.
Insider risk is where employees are the cause of damage to a company because of access to confidential data or important IT systems.
The RSA-sponsored survey also said that 82 per cent of decision makers didn't know whether incidents involving contractors were more likely to be accidental or deliberate.
"One of the key challenges a lot of these organisations have when they are dealing with contractors or temporary employees is that you have to give them access to systems," said Chris Young, senior vice president for RSA products, speaking to IT PRO.
"But when they leave, it's not always so simple in terms of revoking access or credentials, because of the number of systems these people might get access to over the course of engagement with an organisation."
The total number of security incidents was 57,485, with 40 per cent of businesses planning to increase spending this year.
Digital document processes in 2020: A spotlight on Western Europe
The shift from best practice to business necessityDownload now
Four security considerations for cloud migration
The good, the bad, and the ugly of cloud computingDownload now
VR leads the way in manufacturing
How VR is digitally transforming our worldDownload now
Deeper than digital
Top-performing modern enterprises show why more perfect software is fundamental to successDownload now