According to the report, 63 percent of cybersecurity cases affecting businesses were the result of the actions of current or former employees. This is based on research collated by the Global State of Information Security Survey, conducted by PwC.
The LogRhythm analysis (available via Insights for Professionals) reveals that most organisations are built around technology. However, an inherent weakness is that most of this technology is controlled and managed by humans. This means that for a network to remain secure, trust is an essential element. This is because, not least, that employees access critical and sensitive data.
While organisations can put controls in place, such as controlling access through the use of passwords or key cards, systems often fail. It also stands that as companies grow, in terms of employee numbers, an organisation’s vulnerability to insider threats proportionately rises.
The main risks are either that sensitive data is stolen, deleted or exposed by malicious individuals with access to it. Or, and this is equally as probable, damage or theft occurs because of simple carelessness or by an employee inadvertently responding to a successful phishing attack.
One common concern is that 49 percent of users admit to having shared their network password with one or more people, according to a study by Brutus to Snowden called “A Study of Insider Threat Personas.”
In terms of solutions to these problems, the LogRhythm analysis says that a suitable system for controlling access needs to be in place supported by having effective systems for monitoring.
To achieve this, many firms need to move beyond the limited view of just the network perimeter, which is commonly used to guard against external threats and security breaches and instead construct enhanced internal security controls, this taking a more holistic view of cybersecurity.
This can involve developing intelligent monitoring systems in-house geared around user and entity behavior analytics. This is a cybersecurity process focused on detection of insider threats. Such solutions examine patterns of human behavior, and then apply algorithms and statistical analysis in order to detect meaningful anomalies from those patterns. These anomalies may indicate potential threats.