In a survey carried out earlier this year 45% of employees would be willing to sell information regarding their company, with 25% of employees willing to do this for as little as £1000. This information can include, but is not limited to sales related information, sensitive information about colleagues, supply chains and customer details. Disgruntled members of staff may even be willing to sabotage a company for no financial reward. Your employees need to be viewed as your biggest cyber threat. *
Up to 30% of corporate data breaches recorded in 2018 were attributed to internal security breaches.** This worrying statistic creates corporate unease not only in current employees, but in ex employees too. How accessible could sensitive information be to those who should no longer be privy to it? A recent Market Pulse Survey found that 47% of employees who leave a job, continue to have access to their previous employer’s data, be that through cloud storage (16%), corporate accounts (17%) or mobile devices (14%). ***
All it takes is for one unhappy ex employee to cause catastrophic damage to a business’s I.T. infrastructure. The number of instances is going to exponentially increase if the current trend continues without being comprehensively addressed.
Thankfully companies are becoming more aware of employee cyber security threats, and especially to those coming from within. However, it has grown increasingly difficult for companies to detect insider-related incidents as often it is key staff members that have access permissions, know exactly where the sensitive data is stored and which cyber security measures are in place. Therefore data theft or corruption can happen so quietly and quickly, avoiding instant detection. Worryingly, internal data breaches can remain undetected for months or even years. On average it takes 197 days to identify a breach and 69 days to contain it.****
The cost to business can be staggering. In 2018 the average cost of a data breach in the UK rose by 8% over the past year to reach nearly £2.7m.*****
Don’t you think it is time to protect your business from every potential threat?
Introducing FortiInsight – to help mitigate employee cyber threat
FortiInsight from Fortinet is a data security and threat detection solution that when integrated with FortiSIEM as part of the Fortinet Security Fabric it delivers advanced threat detection to help find, respond to and manage risky and unusual behaviour that can put your business’s critical data at risk. It utilises a very powerful and flexible Machine Learning technology that optimises each stage of the investigation pipeline, identifying threats from compromised accounts to data theft, as well as forensic-level reporting to monitor data movement and endpoint activity, 24/7 regardless of location or whether users are on or off the company network.
Infosec Partners are proud to be Fortinet’s First UK Partner of Excellence. We provide an instant, on-demand, advanced threat protection platform, which includes the full Fortinet security fabric of products. These include: FortiInsight, FortiSIEM, FortiGate, FortiWeb, FortiMail, FortiSandbox, FortiClient, FortiWifi & FortiSwitch.
To find out more about visit infosecpartners/partners/fortinet
* UK cybersecurity firm Deep Secure which surveyed 1,500 UK office workers – What is the price of Loyalty?
**Verizon 2018 Data Breach Investigation Report
***The 2018 Cost of a Data Breach Study by the Ponemon Institute
****SailPoint Market Pulse Survey
***** Cost of a Data Breach Study | IBM
