Businesses Increasingly at Risk From Insider Threats
More than half of organizations regularly experience unusual behavior by privileged users, such as administrators accessing data they should not.On average, organizations experience 5.1 incidents each month in which an unauthorized third party exploits stolen account credentials to gain access to corporate data stored in a cloud service, according to a report from Skyhigh Networks. The study, derived from analysis of actual cloud usage across more than 23 million employees, found 89.6 percent of organizations experience at least one insider threat each month, which is up from 85 percent for the same quarter last year. In addition, 55.6 percent of organizations experience unusual behavior by privileged users, such as administrators accessing data they should not, each month. "While small businesses may consider themselves too small to be targets, almost all businesses have documents that are considered sensitive – like customer data or business information they want to keep from competitors," Kamal Shah, senior vice president of products and marketing at Skyhigh, told eWEEK. "Small businesses are much less likely to have a chief information security officer or other form of IT security leadership. They’re also less likely to have a plan of action in place to respond to a data breach."
Shah says the first step is education, and he explained security education functions best when it is a seamless part of the user experience, which he called just- in- time training.