OMNINET PLUS Blog

OMNINET Plus has been serving the Washington D.C. metropolitan area since 1994, providing IT Support such as technical help-desk support, computer support, and consulting to small and medium-sized businesses.

Study Shows Way Too Many Businesses Ignore Insider Threats

Study Shows Way Too Many Businesses Ignore Insider Threats

Insider threats are an unpleasant reality of working with sensitive information, though you might be relieved to hear that not all instances of insider threats have malicious intentions. Then again, maybe you aren’t relieved since a threat is still a threat. Either way, we’ll discuss some statistics concerning insider threats, and what you can do about them.


Insider threats are defined as internal threats that could come in the form of either malicious or negligent users. Perhaps an employee recently quit and left the office in a flurry of madness, or maybe you have employees who just don’t care to follow security best practices. Either way, insider threats are major problems that need to be addressed.

Internal and External Threats: Reality vs Expectations
A study by Accenture and HfS Research shows that 69 percent of businesses have experienced the theft or destruction of data due to internal threats, compared to only 57 percent experiencing the same due to external threats. In contrast, only 55 percent expect to become the victim of an internal threat, while 80 percent expect external affairs to cause trouble. The lesson to be learned is that you need to be prepared for all types of threats--even those from the inside.

Exposure of Sensitive Data to the End User
The Ponemon Institute conducted a study in which 62 percent of users felt that they had access to data that they weren’t supposed to have access to. In essence, a user-access control system needs to be put into place to keep users from glimpsing sensitive or private information, such as employee salaries or personally identifiable information (Social Security numbers, birth dates, home addresses, etc).

Reaction Time to Insider Threats
According to Ponemon, the reaction time to insider threats varied. Some organizations responded quickly, while others went months, or even years before finding out:

  • Within 24 hours: 24 percent
  • Within a week: 19 percent
  • Within a month: 14 percent
  • Within 6 months: 20 percent
  • Within a year: 9 percent
  • More than a year: 14 percent

It’s somewhat surprising that so many organizations took so long to find out, but it’s a clear indicator that something’s wrong. Businesses need to be able to find out who accesses sensitive files, and why, at a glance. Monitoring network traffic and activity can provide this critical function.

The Ability to Respond to Insider Threats
This one’s simple; SANS Institute reports that 31.9 percent of organizations have no way to combat insider threats, while 68.1 percent do have the ability to respond. If so many organizations have the capabilities to do so, then why don’t they? Perhaps they just aren’t aware of the activity.

How Effective Preventative Measures Are
SANS Institute reports that:

  • Only 9 percent of businesses have proven techniques to prevent insider threats from taking root.
  • 42 percent claim to have tools but haven’t used them.
  • 36.4 percent are in the process of implementing processes to prevent insider threats.
  • A paltry 2.3 percent aren’t concerned at all about insider threats.

Potential Vulnerabilities
Mimecast claims that 45 percent of companies feel that they’re unequipped to handle malicious insider threats within their email security--more than any of the other potential email threats. Keeping a tight grip on what leaves and enters through your business’s email stream is key to protecting your organization’s digital assets.

The Types of Insider Threats
According to Gartner, there are three types of insider threats. One, called a “second streamer” (someone who uses the data from one job to obtain revenue from another job) consists of 62 percent of insider threats. 29 percent of insider threats are called the “career launcher,” or someone who took information with them as they left a company. Only 9 percent of insider threats could be classified as sabotage.

So, how does your business handle insider threats? If you can’t answer this question, OMNINET PLUS can. To learn more, give us a call at 301-869-6890.

Continue reading
0 Comments

Use This Test to Calculate Your Employees’ Risk Levels

b2ap3_thumbnail_risk_for_employers_400.jpgWhen it comes to your business’s data security, there can be no room for error. October is Cyber Security Month, so there’s no better time to ensure that your business is taking all of the proper precautions to maximize security protocol. However, there’s an often-forgotten aspect of cybersecurity called employee risk management, and it’s more complex than you might think.

Continue reading
0 Comments

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Cloud Privacy Hackers Best Practices Hosted Solutions Backup Internet Productivity IT Services Business Business Computing Business Continuity Google Malware Software Hardware Windows 10 Miscellaneous Disaster Recovery Mobile Device Management Microsoft Innovation Computer Mobile Computing IT Support Mobile Devices VoIP Windows Workplace Tips Managed Service Provider Smartphone Server Network Security Efficiency Data Virtualization Upgrade Save Money communications Email Small Business Office Budget Best Practice Holiday Android Chrome Employer-Employee Relationship User Tips Information Technology Data Management Quick Tips Telephone Systems Outsourced IT Recovery Application Apps Microsoft Office Managed IT Hacking BYOD IT solutions Network Managed IT Services VPN Tablet Avoiding Downtime Business Intelligence Bandwidth Hard Drives The Internet of Things Remote Computing Social Engineering Disaster Ransomware BDR Going Green Automation Lithium-ion battery Firewall Wireless Technology Operating System Communication Computers Saving Money Smartphones Gmail Browser Remote Monitoring Risk Management Network Congestion Hosted Solution Health Streaming Media Mobility Telephony Gadgets Proactive IT Private Cloud Cost Management Biometrics Spam Facebook WiFi DDoS Customer Service Passwords Humor Alert Unified Threat Management Administration Big Data Government Password Cybercrime Office Tips Social Phone System Administrator Emergency User Instant Messaging Television Wearable Technology Solid State Drive Virtual Desktop Networking Access Cameras Cybersecurity Best Available Bluetooth History Phishing Running Cable Maintenance Human Resources Transportation Printer Data Breach Fax Server Law Enforcement App Education User Error Avoid Downtime Robot Printer Server Social Media Data Backup Reputation Bloatware SaaS Storage Tech Support Data Recovery Data storage Analytics Collaboration Business Management Near Field Communication HaaS Internet Exlporer Shadow IT Shortcut Remote Workers WIndows 7 Benefits Google Drive SharePoint Colocation IT Technicians Uninterrupted Power Supply Distributed Denial of Service Document Management Managing Stress Branding Applications Antivirus Marketing Teamwork hacker Two-factor Authentication Internet of Things Excel eWaste Save Time IT consulting Retail Laptop Meetings iPhone Trending Sports intranet HIPAA IT service Touchpad PowerPoint Virtual Reality Computer Accessories Apple Search Saving Time Update Entertainment Buisness Files Regulations Science Content Filtering Domains Presentation Mouse Money Customer Relationship Management Chromecast Safety Reliable Computing Operating Sysytem