Enter your details below and we'll get back to you.
A recent study looking at companies across key regions, concluded that the risk of insider threats has risen dramatically within organisations.
Cybercrimes, data breaches, viruses and malware – all have been on the rise in recent years, and the source of these issues is often internal.
This is the conclusion of a new study by The Ponemon Institute, which explored the growing number of cyber security incidents caused by insider threats.
The study found that instances of insider threats have increased by 47% since 2018. In response to this, organisations across all industries spend an average of $11.45 million a year to try and remediate such breaches.
In total, businesses are spending 60% more to fix insider threats when compared to the average annual spending just three years ago.
We tend to think of cybercrimes as the work of mysterious, external forces, but in fact such incidents are often initiated by individuals within an organisation. This misuse of authorised access – whether intentional or unwitting – can compromise an organisation’s critical information and systems.
The study conducted by The Ponemon Institute looked at companies located around the globe, including Europe, North America, the Middle East, and the Asia-Pacific region.
Researchers split insider threats into three distinct categories in order to gain a more detailed analysis. These categories were:
In the event of an insider threat, it was found that the hardest hit were typically organisations in Financial Services, Energy & Utilities, and Retail. In particular, Financial Services organisations spent an average of $14.05 million to remediate insider breaches in each of the last two year – a rise of over 20%.
Other findings of interest included:
Maintaining tight processes and procedures to reduce the likelihood of internal threats has never been more crucial. And the internationally recognised ISO27001 standard is a useful framework for organisations to work towards in order to build their defences against internal threats.
ISO27001 fundamentally helps a business to identify risks relating to confidentiality, integrity and the availability of information, as well as supporting the implementation of controls to reduce those risks to a manageable or acceptable level. Even for those businesses not looking to achieve ISO27001 accreditation, using this standard as a guide can be hugely beneficial in developing and managing information security controls.
Not sure your organisation is adequately prepared to face an insider threat? Get in touch with our team today by calling 03450 21 21 51 or drop us an email at firstname.lastname@example.org.