40% of Aussie orgs not prepared for insider threats

Four in 10 Australian organisations are not prepared for insider threats, and nine in 10 consider malicious insiders to be a threat to their organisation’s security, a new study has found.

Research from Mimecast also indicates that 56% of Australian IT security decision-makers consider malicious insiders to be a moderate or high threat to their organisation, with 12% believing insiders to be their number one threat.

Globally, even those companies who feel very equipped on cybersecurity feel almost as vulnerable to insider threats as those who believe they aren’t equipped at all.

The research indicates that organisations may be placing too much of a focus on perimeter defence and outside threats, leading them to struggle with the risk that comes from their own people.

“Organisations of all sizes struggle with the risks that are posed by employees being targeted by adversaries to launch and execute attacks to gain access to data or funds,” Mimecast CEO Peter Bauer commented.

“Every day, we trust employees with sensitive information and powerful tools, but we don’t give them the effective security education and advanced cloud security solutions that go hand in hand with those responsibilities.”

He said IT managers should concentrate on controlling issues including rogue employees using unapproved file-sharing or cloud storage services, the lack of internal safeguards to detect and mitigate attacks from malicious insiders and employee ignorance of best security practices.

Image courtesy of Bankenverband - Bundesverband deutscher Banken under CC