While most security coverage of late has centered on cyber attacks from outside actors such as nation states or well-organized hacktivist groups, far less attention has been paid to the insider threat.
It seems now the insider threat has become more of a challenge for IT professionals than it has in the past, a new survey said.
The number of employee-related incidents of fraud remains high, according to the second annual “Risk of Insider Fraud” survey by the Ponemon Institute, sponsored by Attachmate. The problem is that only 44 percent of survey respondents said their organization views the prevention of insider fraud as a top security priority, and this perception has declined since the first study, published in October 2011.
Contributing to the insider risk is the bring-your-own-device (BYOD) trend, where employees have access to enterprise systems from remote locations and there is a lack of security controls over edge devices.
Insider negligence and maliciousness can be one of the major causes of a costly and reputation-damaging data breach, according to the research. As reported in the 2011 Cost of Data Breach: United States study, data breaches that result from malicious attacks are the most costly. Post-breach investigations typically determine that hackers or criminal insiders (employees, contractors and other third parties) caused the data breach.
While the average cost of a data breach in the 2011 study was $194 per lost or stolen record, companies that experience malicious or criminal attacks have a per capita cost above the mean ($222).
The definition of insider fraud in the study is the malicious or criminal attacks perpetrated upon business or governmental organizations by employees, temporary employees and contractors.
Typically, the objective of such attacks is the theft of financial or information assets, which include customer data, trade secrets and intellectual properties. Sometimes the most dangerous insiders are those who possess strong IT skills or have access to the organization’s critical applications and data.
Other risks with potentially severe consequences are the intentional misuse of data and policy violations.
Other study findings include:
• On average, organizations have had approximately 55 employee-related incidents of fraud in the past 12 months. This translates to slightly more than one fraud event perpetrated by a malicious insider per week and is virtually unchanged from last year’s study, which reported an average of 53 incidents of fraud in a 12-month period.
• More than one-third said employees’ use of personally owned mobile devices has resulted in malware and virus infections that infiltrated their corporate networks and enterprise systems, and another 26 percent said it is very likely to occur.
• 61 percent rated the threat of insider risk within their organization as very high or high.
• 23 percent said insider fraud incidents existed six months or longer before anyone discovered them, and nine percent could not determine when they occurred.
• 55 percent said their organization does not have the ability or intelligence to determine whether an off-site employee’s non-compliance is due to negligence or fraud.
Using survey methods, we implemented an objective study about how highly experienced individuals in IT, security, compliance and other business fields deal with the risk of fraud perpetrated by malicious insiders. Our study attempts to ascertain what these individuals perceive to be the most serious vulnerabilities in their organizations, and how they can improve IT, governance and control practices that reduce fraud and ensure compliance with regulations.
The survey sample consists of 743 respondents. On average, respondents have more than 10 years of experience and the majority are at or above the supervisor level. Seventy-eight percent of respondents report to the CIO or CISO. While all respondents are in the United States, many of their organizations are multinational or with operations in other countries.