Nearly half of enterprises queried for a new survey were found to be ill-equipped to deal with threats from insiders.
The just-released study from security vendor Mimecast also found that 90 percent of organizations are aware that insiders pose a significant threat to their business.
The "Mimecast Business Email Threat Report: Email Security Uncovered" found that more than two-thirds of IT security decision-makers worldwide believe the security tools intended to guard their email systems are inadequate to mitigate today's cyberthreats. Further, the results point to malicious insiders as a significant concern when security programs are designed and deployed. Six hundred IT security managers worldwide were queried for the study.
Mimecast tips for safeguarding against malicious insiders
Assign role-based permissions to administrators to better control access to key systems and limit the ability of a malicious insider to act.
Implement internal safeguards and data exfiltration control to detect and mitigate the risk of malicious insiders when they do strike.
Offer creative employee security training programs that deter potential malicious insiders in the first place and help others to spot the signs. Then, back that up with processes to act swiftly in the event of an attack.
Nurture a culture of communication within teams to help employees watch out for each other.
Train your leadership to communicate openly with employees so that awareness of insider risk is shared rather than confined to the security team.
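The second tip above, internal safeguards and data exfiltration control, is the one most readily turned into a concrete check. What follows is an added example written for this page, not code from the article or from Mimecast: it scans outbound mail-gateway logs and flags any sender whose attachment volume to external domains on one day is far above that sender's own baseline on other days, noting when the recipients are personal webmail accounts. The log format, the internal and personal domain names, the thresholds and the sample log lines are all constructed for illustration; a real deployment would read the same fields from the gateway or DLP system in use.

```python
"""Added example (not from the article or Mimecast): a per-user baseline check
for bulk attachment exfiltration in outbound email logs.  Log format, domains,
thresholds and sample lines are constructed for illustration."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime

# Constructed outbound gateway log: timestamp, sender, recipient, attachment
# bytes (0 when the message had no attachment).  Hypothetical format.
SAMPLE_LOG = """\
2016-06-01T09:12:00 alice@corp.example bob@corp.example 0
2016-06-01T09:40:00 alice@corp.example partner@vendor.example 120000
2016-06-02T10:05:00 alice@corp.example partner@vendor.example 90000
2016-06-03T11:30:00 alice@corp.example bob@corp.example 15000
2016-06-04T08:00:00 alice@corp.example partner@vendor.example 100000
2016-06-05T22:15:00 alice@corp.example alice.home@gmail.example 52000000
2016-06-05T22:17:00 alice@corp.example alice.home@gmail.example 48000000
2016-06-05T22:20:00 alice@corp.example alice.home@gmail.example 61000000
2016-06-01T09:00:00 carol@corp.example dave@corp.example 2000
2016-06-05T23:00:00 carol@corp.example dave@corp.example 400000
"""

INTERNAL_DOMAIN = "corp.example"          # assumed company domain
PERSONAL_DOMAINS = {"gmail.example", "outlook.example"}  # assumed webmail domains


@dataclass
class Event:
    ts: datetime
    sender: str
    recipient: str
    attach_bytes: int


def parse_log(text):
    """Parse whitespace-separated log lines into Event records."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, sender, rcpt, size = line.split()
        events.append(Event(datetime.fromisoformat(ts), sender, rcpt, int(size)))
    return events


def domain_of(addr):
    return addr.rsplit("@", 1)[1].lower()


def is_external(addr):
    return domain_of(addr) != INTERNAL_DOMAIN


def is_personal(addr):
    return domain_of(addr) in PERSONAL_DOMAINS


def daily_external_bytes(events):
    """sender -> {date: attachment bytes sent to external recipients that day}.
    Senders who only mail internal recipients never get an entry."""
    totals = defaultdict(lambda: defaultdict(int))
    for e in events:
        if is_external(e.recipient):
            totals[e.sender][e.ts.date()] += e.attach_bytes
    return totals


def find_exfil_candidates(events, multiplier=10, min_bytes=10_000_000):
    """Flag (sender, day) pairs whose external attachment volume is at least
    `min_bytes` and more than `multiplier` times the sender's mean volume on
    the other days seen.  A sender with no other days is compared against a
    baseline of 1 byte, so the absolute floor `min_bytes` does the real work
    on a sender's first day.  Personal-webmail recipients are listed as
    supporting evidence for the analyst."""
    totals = daily_external_bytes(events)
    findings = []
    for sender, per_day in totals.items():
        for day, volume in per_day.items():
            others = [v for d, v in per_day.items() if d != day]
            baseline = sum(others) / len(others) if others else 0
            if volume >= min_bytes and volume > multiplier * max(baseline, 1):
                personal = sorted({e.recipient for e in events
                                   if e.sender == sender
                                   and e.ts.date() == day
                                   and is_personal(e.recipient)})
                findings.append({"sender": sender, "date": day.isoformat(),
                                 "bytes": volume, "baseline": round(baseline),
                                 "personal_recipients": personal})
    return findings


if __name__ == "__main__":
    for finding in find_exfil_candidates(parse_log(SAMPLE_LOG)):
        print(finding)
```

On the constructed sample the check flags only alice on 2016-06-05, when roughly 161 MB went to a personal webmail address against a baseline near 100 KB on her other days; carol, who mails only internal colleagues, never appears. The baseline is per sender rather than a single global threshold because an account manager who routinely mails large decks to partners should not trip the same wire as an engineer who suddenly starts doing so, which is the kind of "trustworthiness and opportunity" judgement the article's closing quote asks for. The absolute floor keeps a user's first day of activity from being compared to nothing at all.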
Because most enterprises concentrate their tools and strategies on perimeter defense, threats that arise from employees receive less attention, the study found. This points to a real need for increased employee awareness and education, as well as for "a cyber resilience strategy that includes both technology- and human-based defenses."
The study also determined that 53 percent of IT security decision-makers view malicious insiders as a moderate or high threat to their organization, while one in seven view malicious insiders as their number one threat.
Additionally, believing the enterprise is well-equipped with tools to mitigate cyberthreats in general does not equate to preparedness against malicious insiders: virtually the same share of respondents said that the risk from malicious insiders outweighs their confidence in their security.
"Today, most IT security defenses are set up to defend against external attackers, be they cybercriminals in search of money, nation-states pursuing strategic advantage, or hacktivists with a politically driven agenda," Matthew Gardiner, cybersecurity strategist at Mimecast, told SCMagazine.com in an email on Wednesday. "And, this allocation of resources does make some sense, as most attacks do come from outside the organization – but not all."
Attacks also come from the inside, Gardiner said. And, he added, these attacks, when originated by trusted insiders, have proven to be extremely damaging.
"In order to minimize the backlash of a malicious insider attack, security programs need to be based in reality," he wrote. "You need to honestly assess both the trustworthiness of your insiders, the amount of damage they could reasonably do if they had both the motivation and opportunity, and how much security controls can be applied given the culture and practices of the organization."

Reasonable and cost-effective controls for malicious insiders need to be put in place to reduce the business risk to an acceptable level, Gardiner wrote.