Defined by Microfocus as a “cybersecurity risk that originates from within an organization,” this type of vulnerability can take many forms: from workers who accidentally fall victim to phishing scams, to employees who intentionally steal data for share with actors outside the company.
Compared to external threats such as malware, ransomware, and denial of service (DDoS) attacks, internal threats tend to go unnoticed. However, research from ProofPoint reveals that insider threat incidents increased by 22% in 2022 compared to 2021, with the average attack costing a whopping $15.38 million.
As this data clearly shows, the impact of insider threats can be very costly. Moreover, apart from the financial damages, compromised customer data and damaged reputations also have major consequences that victims of insider threats have to deal with.
So, as insider threat cases increase in number and impact, how can organizations prevent data leakage outside of their parameters?
Promoting employee trust and confidentiality are the best ways to avoid insider risks
Well, according to Microsoft’s new security report – which details the results of the survey of over 300 security and compliance professionals – build employee trust and prioritize confidentiality are the best ways for businesses to fight this epidemic. However, the software company also stresses that these measures should only be part of a larger holistic cybersecurity strategy.
“An employee-employer relationship rooted in trust can help build that first line of defense against insider risk.”
The survey collected responses from companies with fragmented, scalable and holistic approaches to cybersecurity, with the former lacking an internal risk management program and the latter already adopting a comprehensive risk prevention strategy.
When asked about insider risk prevention challenges, 72% of holistic companies cited employee trust as a top priority, compared to 38% of fragmented companies, while 66% of holistic companies prioritized life rights privacy and civil liberties of their staff, compared to 43% of fragmented companies.