The growing sophistication of cybercriminals is prompting CISOs to devote ever more attention to protecting their firms’ systems from attack. But security experts fear that, in doing so, they may risk overlooking a growing number of internal threats to data security.
According to research conducted by IT security company Imperva in 2021, “58% of incidents that negatively impact sensitive data are caused by insider threats”. Of these incidents, 61% can be attributed at least partly to abuse or malicious intent, rather than innocent human error.
The study also found that 60% of IT and data security professionals across EMEA prioritise combating external infiltration over addressing internal threats, while 72% of organisations lack any strategy to deal with insider risks.