Four out of ten businesses expect an insider data breach in the next 12 months, according to a new survey.
As enterprises become larger, managing employee behaviour becomes harder and the risk of a breach occurring within an organisation intensifies.
The study, by Clearswift, identified a widespread lack of employee awareness of good cyber security practice, and a slow business response to addressing insider threats.
In the survey of 4,000 employees, 75% said their company provides inadequate levels of information about data policies and what is expected of them, and 58% lacked understanding of what might actually constitute a security threat from within their organisation.
With such a lack of clarity, it may not come as a surprise that half of respondents admitted they disregard data protection policies at work in order to get their job done.
>See also: Why businesses need to go back to school on cyber security
These attitudes highlight an imperative for organisations to make training employees in security protocols and policies a business priority.
Such attitudes are not surprising considering 72% of security professionals believe internal security threats are still not treated with the same level of importance as external threats by the board.
‘The detachment between the front-line security professionals and board members within an organisation is particularly worrying in the wake of recent high-profile cyber breaches in the UK already this year,’ said Heath Davies, chief executive at Clearswift.
‘Cyber attacks are a major problem and it’s time for boards to take a proactive stance on this. Companies need a clear, coherent, adaptive strategy which encompasses people, processes and technology, and this mandate needs to come from the top.’