A new study from the Ponemon Institute on behalf of Experian asked more than 600 individuals at organizations with data security training programs to weigh in on the question of the Insider Threat. They found that 55% of organizations have had a security incident or data breach due to the Insider Threat.
Past studies indicate that as few as 29% of organizations have basic security policies. Security training is also not yet universal, though the practice is more common among larger organizations. As much as 62% of large organizations surveyed said they had undertaken security training in the past year, but only 22% of small organizations had done the same. Given that, it's troubling that organizations that do have security training and data protections in place are still facing so many data incidents directly attributed to the insider threat.
Existing security training is likely inadequate. The study found that 60% of companies believe their employees are not knowledgeable, or have no knowledge, of the company’s security risks. However, only few respondents felt that employee security training was a priority for senior management. While a top-down security posture is known to contribute to the prevention of data security incidents, the reality is that many organizations lack this posture.
The survey indicated many areas where training could be vastly improved. These improvements could include re-visiting security training post-breach, making training mandatory or fostering a culture of security throughout the organization.
“Among the many security issues facing companies today, the study emphasizes that the risk of a data breach caused by a simple employee mistake or act of negligence is driving many breaches. Unfortunately, companies continue to experience the consequences of employees either falling victim to cyberattacks or exposing information inadvertently,” notes Michael Bruemmer, VP at Experian Data Breach Resolution.
Policy and training alone are insufficient to protect against the Insider Threat. In addition, many data protection technologies are insufficient at preventing, detecting or remediating data security incidents caused by Insiders. With most traditional data security solutions, data protections often do not extend to the endpoint (where half of corporate data now lies). Very few solutions include alerts with enough context to assess risk or have a preemptive response.
With Absolute Data & Device Security (DDS), customers can choose what data is important to track and what device or data scenarios are important to form alerts. Absolute DDS also includes the ability to investigate security alerts in real time and historically. In the event that a security incident requires action, customers can remotely delete data, with comprehensive reporting to prove compliance.