Story image

Nearly half of AU organisations not equipped for malicious insiders

19 Aug 16

Mimecast Limited recently released new data that reveals the majority of organisations believe they are their own worst enemy.

Want that in numbers? 40 percent reported that they are ill-equipped to cope with the threat of malicious insiders and more than twice that amount, (with a whopping 91 percent), call malicious insiders a major threat to their organisation’s security.

Entitled 'Business Email Threat Report: Email Security Uncovered', the study from Mimecast made it clear that malicious insiders represent not only a major source of risk and anxiety over security preparedness, but a growing one.

According to Mimecast CEO, Peter Bauer, a common problem amongst businesses is to focus predominantly on perimeter defence and outside threats, while struggling with the risk that comes from their own people.

“Organisations of all sizes struggle with the risks that are posed by employees being targeted by adversaries to launch and execute attacks to gain access to data or funds” says Bauer. “Every day, we trust employees with sensitive information and powerful tools, but we don’t give them the effective security education and advanced cloud security solutions that goes hand-in-hand with those responsibilities.”

Bauer asserts that as a community, we must work together to enact better business processes.

“Another issue we can work together to control is rogue employees who use unapproved file-sharing or cloud storage services outside of their organisation’s security policies thus exposing their organisation to increased risk,” Bauer says. “IT managers have, for too long, not paid due attention to this threat. We must re-evaluate unrestricted access to these services and ensure that protections are put in place quickly to balance security and the needs of the business.”

Some of the additional findings from Mimecast’s research include:

  • Over half (56 percent) of IT security decision makers view malicious insiders as a moderate or high threat to their organisation.
  • 12 percent of security decision makers view malicious insiders as their number one threat.
  • Globally, those who say they’re very equipped on cybersecurity feel virtually just as vulnerable to insider threats as those who believe they aren’t equipped at all (16 percent vs. 17 percent), indicating that the risk of malicious insiders trumps perceptions of security confidence.

There are a number of ways to protect against malicious insiders. Mimecast recommends assigning role-based permissions to administrators, implementing internal safeguards and data exfiltration controls, offering creative employee security training, nurturing a culture of communication within teams and training your organisation’s leadership.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”