2020 Insider Data Breach Survey: 97% IT Leaders Consider ‘Insider Threats’ as a Major Concern
‘Insider threats‘ have become a major concern of the IT industry in the increasingly interconnected digital world.
Whether intentional or accidental, the impact of the insider threat on the business remains the same.
Insider threats are particularly devastating because of the knowledge, access and information possessed by the insiders, which can lead to a catastrophic loss to the company following an insider breach.
Increasing volumes of unstructured data and the availability of information sharing tools make it easier for employees to cross the company policy and carry out malicious activities.
Egress’s recent 2020 Insider Data Breach Survey sheds light on the growing occurrence of insider data breaches in the last 12 months.
According to the report, 97% of the surveyed IT leaders expressed concerns about the risk of insider data breaches, up by 2% from 2019.
Among the IT leaders,
- 78% expressed that employees caused data breaches accidentally
- 75% revealed that employees caused data breaches intentionally
Among the surveyed employees,
- 71% agreed they have intentionally shared company information externally
- 68% said they have accidentally shared information
While the percentage of IT leaders who believe employees have inadvertently caused data breach remained same since 2019, the portion who think employees have deliberately put data at risk has increased by 14%.
Causes of Insider Data Breaches
The cybersecurity vulnerabilities have increased as employees have become ultra-mobile and the workplace has become less defined.
Moreover, the coronavirus pandemic has made remote working a new normal. As employees started working outside the company, especially in their home environment, there’s a growing risk that they could develop a more proprietary attitude to the data they access/handle.
Causes of Data Breaches, According to IT Leaders
Causes of Intentional Insider Breaches
- 32% of Employees sharing data to personal systems
- 22% of Employees leaking data to a competitor
- 21% of Employees leaking data to cybercriminals
- 18% of Employees taking information on a new job
Causes of Accidental Insider Breaches
- 24% Lack of employee training
- 24% Lack of adequate security systems
- 23% Lack of employee awareness
- 21% of Employees rushing
Causes of Data Breaches, According to Employees
- 23% Being pressured or stressed
- 23% Using a mobile device
- 20% Tiredness
- 15% Rushing and making a mistake
- 8% Inadequate security systems available
- 5% Inadequate employee training
What Data is Most Vulnerable to Insider Data Breach?
According to the report, employee data, including personal identifiers and salary information, is most at risk for both accidental and intentional internal data breaches.
Intentional Data Breach:
| Impact of Insider Breaches | Intentional Data Breach |
| Employee Data | 40% |
| Company Data | 37% |
| Customer Data | 17% |
| Organizational/Operational Infrastructure | 4% |
Accidental Data Breach:
| Impact of Insider Breaches | Accidental Data Breach |
| Employee Data | 39% |
| Company Data | 36% |
| Customer Data | 21% |
| Organizational/Operational Infrastructure | 3% |
Impact of Internal Data Breaches
According to the report, 41% of IT leaders expressed that financial damage is the area of the significant impact of the internal data breach, up from 27% in 2019.
Moreover, the concern about financial impact is highest in the US, with 43% saying it is the area of most significant concern.
The increase in financial losses due to an internal data breach is mainly due to the introduction and enforcement of stringent data privacy regulations in recent years.
The recently implemented GDPR and CCPA laws press unprecedented penalties for companies that fail to comply with the new regulations.
| Impact of Insider Breaches | IT Leaders Who Replied Positively |
| Financial Impact | 41% |
| Reputational Damage | 31% |
| Customer Churn | 15% |
| Leaked IP | 12% |
In Conclusion
One thing is for sure: Insider breaches continue to be a threat for all organizations, and the future won’t be any different in this regard.
The IT leaders must re-examine their approach and build a technology stack and security strategies that can respond dynamically to employees’ changing behaviors.
Moreover, the organizations should evolve to gain greater visibility of insider breach risk vectors rather than relying on their employees to alert them to a breach.
How Can Stealthlabs Help?
Stealthlabs is a US-based IT Security Solutions provider with years of industry presence and strong domain expertise. With a pool of information security professionals, we cater to business needs in diverse areas of data security. Our offerings include Incident Management, Identity and Access Management, and Managed IT Security services.
More Information Security Articles:
- 25 Biggest hacks, Data Breaches of 2020
- Steps to Create An Information Security Program Plan
- Telemedicine and Cybersecurity: Securing Health Data!
- Infographic – Cybersecurity Myths Vs Reality
- Top 16 Cybersecurity Myths and Misconceptions Worth Knowing!
- Top mobile security threats you can protect yourself from
- The Difference Between Data Privacy and Data Security
- Cyber Security Threats and Attacks: All You Need to Know