If you’ve ever wondered just how much damage someone with approved access to your network can do, I’d like to direct your attention to a couple of studies that have recently been released.
An Intel Security study on data exfiltration found that insiders are responsible for 43 percent of all data loss. According to the report, one reason that percentage is so high is ease of access:
When they were involved in data exfiltration, whether it was intentional (just over half) or accidental, internal actors were more likely to use physical media instead of electronic methods, especially USB drives and laptops. Employee information, both identity and health data, was a larger target for internal actors than customer data, perhaps because it is more accessible. Office documents were the most common format of data stolen by internal actors, probably because these documents are stored on employee devices and many organizations place few controls on the data once it is no longer in a database.
What caught my attention in this study wasn’t just the high percentage of insider-caused loss—I’ve come to expect that—but how evenly split the numbers were between accidental losses and intentional breaches. We tend to focus more on the accidental and talk about the need for better security education to avoid those mistakes.
However, this survey showed that more needs to be done to examine the intentional acts. Are they malicious, with intent to bring harm to the company? Are they due to an employee’s curiosity, such as wanting to learn more about another employee? Or maybe they are an intentional accident, like accessing sensitive documents without realizing security protocols were breached? In order to address these insider breaches, we need to have a better understanding of why they are happening in the first place. And yes, it may circle right back to educating employees on security issues.
Another study conducted by Bloomberg Law and the International Association of Privacy Professionals, titled “Assessing and Mitigating Privacy Risk Starts at the Top,” warns that employees and third-party vendors are a serious risk to companies, but not enough is being done to manage those insiders in order to prevent data loss. The study found that only 35 percent of companies admit to doing enough to monitor employee behavior when it comes to risk, and that number drops to 30 percent when monitoring vendors.
While the Intel Security study highlights the need for improved education and understanding of what constitutes data loss, the Bloomberg Law survey shows that IT and security leaders need to step up their game when it comes to monitoring network behavior to lessen potential insider threats.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba.