Only 44% of UK IT pros think they can detect insider threats
Newly released data from ObserveIT finds that only 44% of UK IT pros are completely confident they could detect an insider threat. An insider threat is when someone close to an organisation, an employee, contractor or trusted partner, misuses their authorised access to negatively impact the organisation’s critical information or systems, either on purpose or by accident.
The survey also finds that basic on and off-boarding processes leave a lot to be desired, while decision-makers are not connecting the dots on how employee wellbeing benefits cyber security efforts.
Yet, there are some positive signs of how training and access control are being used to help build trust between employers and employees, decreasing an organisation’s risk of a breach from the inside.
ObserveIT, an insider threat management specialist, carried out a survey of 600 global IT leaders to uncover how attitudes towards trust and privacy are shaping cyber security. The UK findings issued today at the Infosecurity Europe conference and tradeshow (Olympia London) reveal that:
- Just 46.5% revoke building access and 62% take back work devices when an employee leaves employment.
- Almost 34% believe that a stressed/overworked staff could make a mistake with data, while 40% believe a disgruntled employee can contribute to an insider threat.
- A total of 70% are currently providing cyber security awareness training to their workforce.
- Sixty-three percent only grant insiders access to the systems and data they need in order to do their job effectively.
- Only half (52%) are investing in employee wellbeing efforts, despite the majority acknowledging that a happy workforce is significantly more likely to keep an organisation secure than an unhappy one.