Reducing Insider Security Risks, Data Loss: 10 Best Practices
It's not uncommon for large enterprises to spend millions of dollars on IT tools to defend against security threats. Yet they continue to experience security compromises and data breaches. These threats to massive quantities of highly sensitive data are increasing in both volume and sophistication. However, one significant cause that is also extremely challenging to mitigate is employee risk. According to research by the Ponemon Institute, insider negligence is still the No. 1 data security risk; more than three-quarters of IT professionals report that their organizations have experienced a data breach due to insider risk, whether it was malicious or negligent. The bring your own device (BYOD) and consumerization phenomena have amplified this risk. Insider risk encompasses many things, but areas of particular concern include human error and poor decision making, inadequate policies and procedures, and insufficient planning against social engineering attacks. Chris Caldwell, CEO of LockPath, offered eWEEK insight on steps organizations can take to fortify risk management practices. LockPath provides governance, risk and compliance software for enterprises.