The latest enterprise risk management news from around the world

Survey highlights growing requirements for insider risk management

According to a recent commissioned study conducted by Forrester Consulting on behalf of Code42, insider risk management (IRM) is of greater concern now for 74 percent of companies than it was before the pandemic.

The survey gathered insights from over 200 security professionals in the US who are involved with their company’s data loss prevention (DLP) and/or data breach mitigation strategies and planning. The research explores how companies are currently treating insider risk management and the changes being adopted to pursue a more holistic approach to data risk management as part of zero trust strategies.

Key findings from the study include:

  • 66 percent of respondents experience data leaks due to insiders at least monthly.
  • 82 percent of security professionals identify protecting sensitive company and customer data as a top priority.
  • 71 percent of respondents agree that traditional approaches to DLP aren’t working.
  • 59 percent of respondents identified the need to pursue more holistic insider data risk management as part of their zero trust strategy.

“As business leaders activate post-pandemic work plans, it’s crucial that security programs co-exist with collaborative work tools rather than handcuff employees who are simply trying to get their jobs done,” said Joe Payne, Code42 president and CEO. “In the waning months of the pandemic, we expect workforce turnover to increase. With that personnel movement will come a heightened risk to company data – source code, marketing plans, and customer lists are all digital and portable. Putting in place an insider risk management strategy now can stem future data risk and keep workforces productive, creative and innovative.”

Although companies are reprioritizing insider risk, there are still significant roadblocks to implementation. Survey respondents identified the complexity of too many disconnected tools (75 percent), managing false positives (71 percent) and complexity of policy creation and deployment (67 percent) as top inhibitors of effective IRM. Much of this can be bridged to improve security awareness across the organization and help employees better understand appropriate data access and file movement. As such, 64 percent of firms say they will increase security awareness amongst employees in the year ahead.

More details.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.