This tool can work out how often your company will be hit by insider attacks

Size, sector and employee welfare all used as factors of email-based intrusion

Calculator for working out data breach risk

Organisations in the process of assessing their cyber security defences have been given a new tool that claims to calculate the risk of sustaining an email-based attack.

The Insider Breach Calculator, launched today by Egress, calculates how many potential breaches a business may expect to sustain by feeding factors such as employee email habits and mood into an algorithm. These factors include the number of employee inboxes and the industry they work, as well as the perceived stress level and fatigue level of workers between zero and ten.

When the figures are plugged in, the results are tallied and presented as the estimated number of emails sent per week and per year, and how many potential breaches an organisation may sustain during those periods.

This fictional local government agency with 500 mailboxes could face over 10,000 incidents per year

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

These results can then be broken down by the proportion of accidental versus malicious incidents, as well as the leading potential causes for each category. The explanations provided span employees clicking on a malicious phishing link to employees sharing data to personal systems.

"Every organisation knows that it is leaking data in one way or another, yet we find there is a bit of a 'head-in-the-sand' mentality where the insider breach is concerned," said Egress CTO Neil Larkins.

"With an average of 60 emails sent every day by one individual within an organisation, the chances of employees accidentally leaking data, continues to grow exponentially. This is before we even consider intentional and malicious leaks, as well as 'forced errors' caused by sophisticated phishing attacks.

Based on calculations, a small business in the telecoms sector with 100 employees that are moderately fatigued and stressed (five out of ten) could suffer as many as 5,288 potential breaches in 12 months.

When broken down further, the most likely cause of an accidental breach is employees unaware of information that shouldn't be shared, while the most likely cause of a malicious breach would be employees leaking data to a competitor.

A large telecoms business of 2,000 employees under the same pressures, by contrast, would suffer more than 35,000 potential breaches within 12 months.

Advertisement - Article continues below

Meanwhile, a hypothetical NHS organisation with 6,000 employees under maximum stress and fatigue will likely suffer 131,914 potential breaches in just one year, equivalent to 361 breaches per day. The weight placed on employee welfare is significant, with the same workplace sustaining only 94,224 potential breaches when its hypothetical staff are under no stress or fatigue.

Research has shown that one of the biggest factors in cyber risk are employee-based intrusions, with 89% of risks now internal. Moreover, 48% of businesses will experience at least one security incident each year as a result of unintentional employee action.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/policy-legislation/general-data-protection-regulation-gdpr/354577/data-protection-fines-hit-ps100m
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020