Report indicates insider threats leading cause of data breaches in last 12 months
Other results shed light on data security budget allocation and increased responsibility for security groups
By Grant Hatchimonji, Senior Editor
October 08, 2013 — CSO — While threats to data security and privacy are often perceived to come from the outside, all signs point to internal threats being just as dangerous, intentional or not.
Forrester recently released its Understand the State of Data Security and Privacy report, which offered insight on the reasons behind data breaches, with internal threats emerging as the leading cause. The survey – which featured respondents from Canada, France, Germany, the UK, and the US from SMB and enterprise companies with two or more employees – also covered other topics, including how security budgets are being allocated and the changing landscape of security teams' responsibilities.
According to Forrester's research, insiders take the cake as the top source of breaches in the last 12 months, with 36 percent of breaches stemming from inadvertent misuse of data by employees. Obviously, the issue here is ignorance; the study's numbers indicate that only 42 percent of the North American and European SMB workforce surveyed had received training on how to remain secure at work, while only 57 percent say that they're even aware of their organization's current security policies.
"People don't know what they don't know," said Heidi Shey, a Forrester analyst and the author of the report. "You've got to give them some kind of guidance and guard rails to work with."
It's also important, however, that the enterprise has some visibility into what's happening on its networks, given that 25 percent of respondents said that abuse by a malicious insider was the most common way in which a breach occurred in the past year. While a lot of security focus is on looking outwards at what's coming in, said Shey, some attention also needs to be paid to looking inwards, at what's going on within the company and what's going out.
There could be, for example, someone who has employee-level access to segments of the network, so everything they do looks like employee activity. As such, companies often aren't looking at that activity even though it could be suspicious.
"Security teams need to look at this and ask, is this normal? Is this a normal pattern? Is this what the typical employee does as part of their work, or is this behavior out of the ordinary?" said Shey. "Spotting these kinds of patterns is one way to address that issue."
Of course, implementing the means to track this kind of behavior is often easier said than done. While the survey results indicated that 17 percent of the collective security budgets of the respondents was going towards data security (the second highest allotment behind network security at 21 percent), that doesn't mean as much if the budgets themselves are light on funds in the first place. As such, how exactly these companies choose to invest in data security solutions is important.