Cyber security
Research reveals a growing risk of data breach from ‘Insider Threats’ Reuters

A report from enterprise data security specialists Vormetric has revealed that there is a growing risk of data breaches from company insiders.

The report, which contains analysis from research group Ovum, found that a mere 9% of businesses feel protected against insider threats.

It surveyed 500 IT people at mid-large size organisations in the UK and over 40% feel that the insecurity comes from 'privileged users' (system administrators, database administrators, network administrators), who believe that they are the biggest threat to their organisation.

Privileged users, who are responsible for maintaining the systems and networks, are more of a threat as their roles often require access to all aspects of the network.

Another threat to data breach comes from cyber-criminals who are trying to compromise insider accounts to steal data.

"Almost half of European organisations believe that insider threats are now more difficult to detect, with senior IT managers being very worried about the things their own users can do with corporate data," said Andrew Kellett, principal analyst at Ovum.

"This risk is compounded by the threat by cyber-attacks that are targeting user accounts – something that is not going completely unrecognised as 30% of organisations cite Advanced Persistent Threats as a primary driver for ramping-up data breach defences."

Around 38% of the organisations surveyed said that encryption was the most important security measure.

The report also details that healthcare organisations remain more concerned with regulatory compliance than sound risk and threat management, and that they "lag behind other industries in terms of security technology deployment."

Healthcare organisations have not kept up with data encryption and Continue to focus on security controls as they relate to endpoints (PCs), users, and perimeter defences.

"When combined, these deficiencies leave health care organisations far more vulnerable to advanced malware or insider attacks than those from other industries," said the report.