Four out of ten businesses expect an insider data breach in the next 12 months, according to a new survey.
As enterprises become larger, managing employee behaviour becomes harder and the risk of a breach occurring within an organisation intensifies.
The study, by Clearswift, identified a widespread lack of employee awareness of good cyber security practice, and a slow business response to addressing insider threats.
In the survey of 4,000 employees, 75% said their company provides inadequate levels of information about data policies and what is expected of them, and 58% lacked understanding of what might actually constitute a security threat from within their organisation.
With such a lack of clarity, it may not come as a surprise that half of respondents admitted they disregard data protection policies at work in order to get their job done.
These attitudes highlight an imperative for organisations to make training employees in security protocols and policies a business priority.
Such attitudes are not surprising considering 72% of security professionals believe internal security threats are still not treated with the same level of importance as external threats by the board.
‘The detachment between the front-line security professionals and board members within an organisation is particularly worrying in the wake of recent high-profile cyber breaches in the UK already this year,’ said Heath Davies, chief executive at Clearswift.
‘Cyber attacks are a major problem and it’s time for boards to take a proactive stance on this. Companies need a clear, coherent, adaptive strategy which encompasses people, processes and technology, and this mandate needs to come from the top.’