Businesses should focus on the ‘accidental’ insider threat
Most insider data losses are accidents rather than malicious attacks.
The so-called insider threat is more likely to be an accident than a malicious attack, according to IDC research.
More than half (52 per cent) of organisations described their insider threat incidents as most likely to be accidental, according to a survey. Just the 19 per cent believed that incidents were mostly deliberate.
IDC warned companies against making malicious insider attacks their priority, as accidents could be more damaging.
Insider risk is where employees are the cause of damage to a company because of access to confidential data or important IT systems.
The RSA-sponsored survey also said that 82 per cent of decision makers didn't know whether incidents involving contractors were more likely to be accidental or deliberate.
"One of the key challenges a lot of these organisations have when they are dealing with contractors or temporary employees is that you have to give them access to systems," said Chris Young, senior vice president for RSA products, speaking to IT PRO.
"But when they leave, it's not always so simple in terms of revoking access or credentials, because of the number of systems these people might get access to over the course of engagement with an organisation."
The total number of security incidents was 57,485, with 40 per cent of businesses planning to increase spending this year.
Defeating ransomware with unified security from WatchGuard
How SMBs can defend against the onslaught of ransomware attacksFree download
The IT expert’s guide to AI and content management
How artificial intelligence and machine learning could be critical to your businessFree download
The path to CX excellence
Four stages to thrive in the experience economyFree download
Becoming an experience-based business
Your blueprint for a strong digital foundationFree download