New research from Clearswift reveals the vast majority of security incidents originate from within the extended enterprise and not as a result of a hacking group.
After surveying 600 senior business decision makers and 1,200 employees across the US, UK, Germany, and Australia, Clearswift found that 42% of IT Security incidents occurred due to the actions of employees, whilst 74% originate from the extended networks of workers, customers & suppliers. That’s compared to the 26% of attacks that came from parties unknown to the organization.
Businesses are often time fixed on the idea of hackers infiltrating their IT network when where they really should be looking is right in front of them. Instead of only focusing on the latest security threats, NNT suggests organizations take a look in their own backyard and try to better educate the organization’s biggest vulnerability- its own employees.
Dr. Guy Bunker, SVP of Product at Clearswift claims, “Educating employees about how to safeguard critical information, motivating employees to care more about the ramifications of a breach, and increasing investment in Data Loss Prevention (DLP) are the biggest priorities needed to minimize the risk of internal security breaches.”
The report also found that organizations are becoming quicker at spotting incidents on the network, with more than half (52%) noticing an issue within an hour.
NNT is a firm believer that you may not be able to stop every breach, but you should always be able to spot one. The chances of stopping every breach within your organization are highly unlikely with a prevention only strategy in place. However, with non-stop, continuous visibility of what’s going on in the IT estate, your organization can spot in real-time the unusual changes that may represent a breach, and allow you to take action before it is too late. With NNT’s real-time, continuous, change detection with File Integrity Monitoring, changes will be detected and alert you of any breach activity within seconds of an incident.
Unlike a traditional vulnerability scanner, our FIM tool takes a one-time baseline of all system and configuration files which includes: registry settings, installed software, running processes and services, user accounts, security and audit policy settings. In other words, all the attributes that will reflect breach activity. From then on only changes will be tracked, which requires minimal resources. The result is continuous, real-time breach detection without the resource overhead and stop-start operation of the scanner.
Read this article on InfoSecurity Magazine