IT | Security

Have you defined your Insider Threats?

By: Absolute Team | 11/24/2008

Cisco recently released a whitepaper about data leakage worldwide and the resulting costs. The global study, polling more than 2000 employees and IT professionals in 10 countries, indicated that insider threats were far more prevalent than previously thought.

Cisco commissioned the security study from InsightExpress in order to understand if social and business cultures had any impact on data leakage. The results indicate that "insider threats", caused by uninformed, careless or disgruntled employees accidentally or purposefully doing something which breaches data, have the potential for greater financial losses than outside attacks to the company. In the context of this survey, they also considered that every device capable of storing data added to "insider threats", given that the loss of these devices pose a high risk.

Cisco put together two papers focused on employee behavior that could put corporate data at risk. The papers found that IT professionals are often unaware of the employee behaviors which put data at risk - this obviously makes preventing loss quite the challenge.

The study examined the effectiveness of security policies - how they are created, communicated and how compliance is enforced. The lack of a policy and compliance with existing policies were large factors in data loss. Unfortunately, the survey showed that IT professionals lack an awareness of how many employees understand and comply with security policies.

Highlights from the study:

  • 39% were more concerned about the threat from their own employees than the threat from outside hackers
  • 33% were most concerned about data being lost or stolen through USB devices
  • 27% admitted that they did not know the trends of data loss incidents over the past few years
  • 43% said they are not educating employees well enough
  • 19% said they have not communicated their security policy to employees well enough
  • 9% reported that they have lost or had their corporate device stolen (26% of those experienced more than one incident in the past year)
  • IT professionals believe that employee behaviors slipping, in terms of safeguardint intellectual property, stem from too much information being dealt with (48%) and a growing apathy towards security stemming from faster-paced jobs (43%)
  • 11% reported that they or fellow employees accessed unauthorized information and sold it for profit, or stole computers

The study concludes that a lack of awareness and of diligence, as well as purposeful defiance, place a significant risk to data loss. The report lumps the loss of laptops and other portable devices in with the "diligence" section, for the most part. Sadly, most lost laptop reports back up the findings: that employee behaviors are to blame for a lack of data safeguards in laptops. Leaving laptops logged on, leaving passwords in sight, leaving laptops in cars, etc.

"Preventing data leakage is a business-wide challenge. IT professionals, executives, and employees at every level of responsibility must work together to protect critical data assets...

Like outsider threats, addressing the insider threat demands a comprehensive approach that includes education, policy, and technology."

The recommended approach focuses on education and accountability. Technologies can help, such as Absolute's Computrace solutions, which solves some compliance issues by tracking assets and even monitoring software.

Download link: Data Leakage Worldwide White Paper: The High Cost of Insider Threats [PDF]