A Harris poll we recently commissioned in the US has exposed the need for enterprises to wake up to the fact that basic internal security measures will not protect them from insider threats.
Insider breaches are often perceived as exceptions and rarities rather than as a common threat; although headline data breaches spotlight the malevolence of hackers and hacktivists, some of the most serious vulnerabilities are in fact much closer to home. Is it time for CIOs and CSOs to rethink their approach to monitoring and managing internal risk?
Alarmingly, according to the findings of the study, nearly 1 in 5 (19%) U.S. office workers between the ages of 18 and 34 would take sensitive company information such as customer data, price lists or product plans with them if they knew they were about to be fired. What’s even more worrying, nearly 1 in 6 (16%) of the employees questioned admitted that since leaving an organisation, they have been able to access the company’s internal computing systems using old work usernames and passwords.
Although these are U.S. findings, how likely is it that these attitudes and behaviours are not shared in Europe, despite the efforts of the C-level leaders responsible for risk mitigation?
Many organisations do not have a sufficient understanding of who has access to sensitive data, what information they are accessing, when and how. When you consider the number of employees moving through a large organisation, through hiring, firing and internal restructuring, you begin to get a more accurate picture of the potential security risk. Sharing critical business information with partners, customers and other parties further amplifies this risk.
The results of a recent study by Capgemini highlight that financial services providers just do not seem to be aware of the size of this threat. In fact, only six percent of financial services organisations consider IT security to be a top priority, while one third of those surveyed have no plans to enhance their IT security systems.
A key reason for the lack of understanding when it comes to access risk is the overwhelming volume of computing activity that occurs under one roof. Internal changes happen quickly: employees are hired, promoted, transferred between departments or terminated, and their access privileges need to be updated as each of these changes occurs, not weeks later. And employees are not the only users in the business environment. When you factor in off-premise cloud applications and remote access from mobile devices, you start to understand the challenge facing organisations as they attempt to manage access risk.
It is time for organisations to rethink the role of IT security in mitigating business risk and meeting compliance mandates. With additional pressure from regulators to streamline compliance and internal security practices, a new approach to access risk management is vital. By monitoring, analysing and acting upon access risk factors in near real time, financial organisations can improve their visibility into where the greatest access vulnerabilities lie, such as accounts that outlive their owners' employment or entitlements that outlive a transfer, and address them before any damage is done. Combined with automated enforcement of internal policies and compliance practices, this will reduce business risk and ensure insider threats are identified and acted upon immediately.
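As an added illustration of the reconciliation this implies (example code written for this page, not Courion's product and not code from the article), the script below compares a constructed HR roster against a constructed list of directory accounts and flags the three cases discussed above: leavers whose accounts are still enabled or have logged in after their termination date, movers who kept entitlements from their old department, and accounts with no owner in HR at all. The roster, accounts and department-to-group "role model" are all made-up sample data.

```python
"""Reconcile an HR roster against directory accounts to surface access risk.

Added example for this page (not Courion's code). All data below is
constructed: a small HR roster, a handful of accounts, and a mapping of
which groups each department is entitled to.
"""
from collections import Counter
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Employee:
    emp_id: str
    department: str
    status: str                              # "active" or "terminated"
    termination_date: Optional[date] = None


@dataclass
class Account:
    username: str
    emp_id: Optional[str]                    # None when no HR record claims the account
    enabled: bool
    last_login: Optional[date]
    groups: Set[str] = field(default_factory=set)


# Constructed sample HR data: E101 moved from sales to finance; E102 and E103 have left.
HR_ROSTER = [
    Employee("E100", "sales", "active"),
    Employee("E101", "finance", "active"),
    Employee("E102", "engineering", "terminated", date(2013, 3, 1)),
    Employee("E103", "sales", "terminated", date(2013, 4, 15)),
]

# Constructed sample directory data.
ACCOUNTS = [
    Account("alice", "E100", True, date(2013, 5, 2), {"sales-crm"}),
    Account("bob", "E101", True, date(2013, 5, 1), {"sales-crm", "finance-ledger"}),  # kept old group
    Account("carol", "E102", True, date(2013, 3, 20), {"eng-repo"}),                 # left, still enabled
    Account("dave", "E103", False, date(2013, 4, 10), {"sales-crm"}),                # correctly disabled
    Account("svc_backup", None, True, date(2013, 5, 3), {"eng-repo"}),               # nobody owns it
]

# Which groups each department is entitled to (a minimal role model).
ROLE_MODEL: Dict[str, Set[str]] = {
    "sales": {"sales-crm"},
    "finance": {"finance-ledger"},
    "engineering": {"eng-repo"},
}

Finding = Tuple[str, str, str]   # (kind, username, detail)


def reconcile(roster: List[Employee], accounts: List[Account],
              role_model: Dict[str, Set[str]]) -> List[Finding]:
    """Return one finding per access-risk condition detected across the accounts."""
    by_id = {e.emp_id: e for e in roster}
    findings: List[Finding] = []
    for acct in accounts:
        owner = by_id.get(acct.emp_id) if acct.emp_id else None
        if owner is None:
            findings.append(("unowned", acct.username, "no HR record claims this account"))
            continue
        if owner.status == "terminated":
            if acct.enabled:
                findings.append(("orphaned", acct.username,
                                 f"owner {owner.emp_id} left on {owner.termination_date}, account still enabled"))
            if acct.last_login and owner.termination_date and acct.last_login > owner.termination_date:
                findings.append(("post_termination_login", acct.username,
                                 f"last login {acct.last_login} is after termination {owner.termination_date}"))
            continue
        # Active owner: anything beyond the current department's role model is excess (mover case).
        excess = acct.groups - role_model.get(owner.department, set())
        if excess:
            findings.append(("excess_entitlement", acct.username,
                             f"holds {sorted(excess)} outside the {owner.department} role model"))
    return findings


def summarise(findings: List[Finding]) -> Dict[str, int]:
    """Count findings by kind, which is what a dashboard or ticket queue would key on."""
    return dict(Counter(kind for kind, _, _ in findings))


if __name__ == "__main__":
    for kind, user, detail in reconcile(HR_ROSTER, ACCOUNTS, ROLE_MODEL):
        print(f"{kind:24} {user:12} {detail}")
    print(summarise(reconcile(HR_ROSTER, ACCOUNTS, ROLE_MODEL)))
```

In a real environment the roster would come from the HR system of record and the accounts from the directory and each application's own user store; the point of the reconciliation is that it runs on every HR change, so a termination or transfer produces a finding the same day rather than at the next quarterly access review.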
Doug Mow, CMO of Courion