Partially attributed to poor enforcement policy, almost half of security professionals feel a breach will occur in the next year and will be conducted by an insider.
As Clearswift highlights in its 2015 Clearswift Insider Threat Index (CITI), 40 percent of firms expect an insider data breach in the next 12 months. This comes as a result of employee behavior and 75 percent of employees expressing that their company does not do enough to raise awareness of potential cyber-threats.
Fifty-eight percent of employees don't understand what may constitute a security threat from inside their workplace.
Half admit that they ignore data protection policies at work to get their job done. Such attitudes make training employees in security policies and conduct a priority for the sake of the safety and security of the company.
Heath Davies, chief executive at Clearswift said, “The detachment between the front line security professionals and board members within an organisation is particularly worrying in the wake of recent high-profile cyber breaches. Cyber-attacks are a major problem and it's time for boards to take a proactive stance on this. Companies need a clear, coherent, adaptive strategy which encompasses people, processes and technology, and this mandate needs to come from the top.”
The research includes the security priorities and awareness of more than 500 IT decision makers and 4000 employees from the UK, US, Germany and Australia.
Seventy-seven percent of UK organisations have experienced a data breach in the last year. Out of these, 37 percent admit they have seen a growing number of internal breaches. In the last year, 71 percent of breaches in the UK came from a threat on the inside of the enterprise.