Businesses Fear Insider-Enabled Data Breaches

Businesses fear suffering a data breach and expect it to be caused by an insider or internal error.

A survey of 500 IT professionals by Exonar found that 94% of respondents have experienced a data breach, and 79% were worried their organization could be next.

In an email to Infosecurity, Niamh Muldoon, senior director of trust and security at OneLogin, said the fear associated with breaches stems from the security culture within the organization, along with the security reporting structure.

“Having security teams in close dialogue with executive leadership, supporting the leadership to make informed risk-based decisions and driving the business strategy, including the technologies used, reduces this fear significantly,” she said. 

“Secondly, not understanding information security, its components and principles drives fear and anxiety of the unknown, so having security education training, and developing awareness and consciousness of threats, will enable and empower the entire organization to act with a ‘security first’ mindset.

“Finally, recognizing the importance of access control to protect systems and data is a foundational level control that organizations can apply to reduce the risk of a data breach. Hand in hand with this is partnering with trusted identity and access control platform providers who can provide enterprises with that security expertise and industry leadership.”

In terms of what is causing the breaches, 40% of respondents to the Exonar survey said accidental employee incidents were to blame, compared to 21% who said it is external attackers. Asked if this is a case of businesses not having a handle on what leaves their organizations (either intentionally or accidentally), Sammy Migues, principal scientist at businesses insider enabled breaches