IT disaster recovery, cloud computing and information security news

Malicious insiders: an important threat to organizations but many are unprepared

Mimecast has released the results of a new survey which finds that 90 percent of organizations believe that malicious insiders are a major threat to the organizations’ security. However, 45 percent say that they are ill-equipped to cope with the threat.

By concentrating predominately on perimeter defense / defence and outside threats, organizations around the world struggle with the risk that comes from their own people, emphasizing the need for organizations to implement employee awareness and education as well as creating a cyber resilience strategy that includes both technology- and human-based defenses.

Other highlights of Mimecast’s research include:

  • Over half (53 percent) of IT security decision makers view malicious insiders as a moderate or high threat to their organization.
  • One in seven IT security decision makers view malicious insiders as their number one threat.
  • Those who say they’re very equipped on cybersecurity feel virtually just as vulnerable to insider threats as those who believe they aren’t equipped at all (16 percent vs. 17 percent), indicating that the risk of malicious insiders trumps perceptions of security confidence.

Mimecast tips for safeguarding against malicious insiders

1. Assign role-based permissions to administrators to better control access to key systems and limit the ability of a malicious insider to act.

2. Implement internal safeguards and data exfiltration control to detect and mitigate the risk of malicious insiders when they do strike, to cut off their ability to send confidential data outside the network.

3. Offer creative employee security training programs that deter potential malicious insiders in the first place and help others to spot the signs so they can report inappropriate activity to their managers. Then, back that up with effective processes to police and act swiftly in the event of an attack.

4. Nurture a culture of communication within teams to help employees watch out for each other and step in when someone seems like they’ve become disenchanted or are at risk of turning against the company.

5. Train your organization’s leadership to communicate with employees to ensure open communication and awareness.

www.mimecast.com



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.