"Over Half of Data Security Incidents Caused by Insiders"

According to new research at Imperva, a shocking 70% of EMEA organizations have no insider risk strategy despite employees directly or indirectly causing most data security incidents over the past year.  The researchers, during a survey, found that insider threats caused 59% of incidents impacting sensitive data in the past 12 months.  Imperva defines an insider threat as originating from “inappropriate use of legitimate authorized user accounts” by either their rightful owner or a threat actor who has managed to compromise them.  The largest number of respondents to the survey cited a lack of budget (39%) and internal expertise (38%) as their reason for not prioritizing insider risk.  However, nearly a third (29%) claimed they don’t see employees as a significant threat, and a similar number (33%) cited internal roadblocks such as a lack of executive sponsorship.  The most common tactics to protect against insider threats in EMEA included staff training (65%), manual monitoring of employee activity (50%), and encryption (47%).  However, the researchers noted that they appear to be having a limited impact, and (56%) of respondents claimed their end-users found ways to circumvent data protection policies.  The security researchers stated that an effective insider threat detection system needs to be diverse, combining several tools to not only monitor insider behavior but also filter through the large number of alerts and eliminate false positives.  Imperva recommended that organizations put together a dedicated function to handle insider risk and follow zero trust principles as they build out their programs.

Infosecurity reports: "Over Half of Data Security Incidents Caused by Insiders"