Clearswift shows the majority of security incidents are not caused by hackers

Clearswift shows the majority of security incidents are not caused by hackers

Clearswift has revealed that extended enterprise is largely responsible for data insecurity – not hackers.

Year-on-year the research shows that cyber security incidents – including insider threats – continues to rise, but that companies are able to spot suspicious activity significantly quicker than two years previous.

The research also showed that threats from an employee – inadvertent or malicious – make up 42% of incidents, a number that has increased from 2015 when 39% of incidents originated from inside an organisation’s network.

When looking at the extended enterprise – employees, customers, suppliers, and ex-employees – this number reaches 74%, compared to 26% of attacks from parties unknown to the organisation. In 2015, 33% of attacks were carried out by unknown parties, so this proportion is falling, which may seem surprising given the recent swathe of high profile attacks, such as WannaCry, which affected over 230,000 computers.

The research shows that while it is likely that an incident will occur internally, large external threats are also likely to encourage companies to add cyber security to their agenda.

Dr Guy Bunker, SVP Products at Clearswift, said:

“As GDPR approaches, every department in a business will need to recognise the potential security dangers associated with the data they use. Businesses may fall victim to the frenzy around high profile attacks and organisations may be quick to look at threats outside the business but, in reality, the danger exists closer to home. The blurring lines between personal and work-based technologies has led to an unabated rise in the insider threat.

“A reactive policy of blocking technologies may prove futile as users will inevitably find a work-around. Educating employees about how to safeguard critical information, motivating employees to care more about the ramifications of a breach, and increasing investment in Data Loss Prevention (DLP) tools are the biggest priorities needed to minimise the risk of internal security breaches.

“Being a responsible data citizen will also require organisations to look at the way in which partners or suppliers hold and share information, as breaches within the extended enterprise could also lead to heavy fines for the originating business.”

Although internal threats pose the biggest threat to most organisations, employers believe that the majority (65%) of incidents are accidental or inadvertent rather than deliberate in intent; this remains unchanged over the past three years and highlights a critical need for better security education within most organisations. This is particularly relevant, as most businesses believe their critical data predominantly lies in non-technical departments, such as finance (55%), HR (45%) and legal or compliance (43%).

600 senior business decision makers and 1,200 employees across the UK, US, Germany and Australia were surveyed for the study.

 

 

 

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Copyright: Security Buyer

ASIS UK Launches “Security is You(th)” Hackathon

ASIS International UK has launched Security is You(th), an initiative designed to engage students and early-career professionals…
Image provided by Veeam

AI and Ransomware: Cutting Through the Hype

Rick Vanover, Vice President Product Strategy, Veeam discusses how It might be the great paradox: Artificial Intelligence (AI)….
Copyright: Security Buyer

AmiViz Partners with Titania

AmiViz announced a strategic distribution agreement with Titania. This collaboration underscores a shared commitment to enhancing…
Oil and Gas

Navigating Africa’s Oil & Gas Industry

A comprehensive analysis of security strategies in Africa’s oil and gas industry, covering physical, cyber, and remote surveillance measures.
blackhat

Black Hat Europe Starts Soon

Black Hat Europe starts Monday and now is the perfect time to start planning your experience. With a full lineup of Keynotes…

VIVOTEK’s All-in-One Software Boosts Operational Efficiency for Enterprises

As demand for high-efficiency security systems rises among large enterprises, the global leading…
Assa Abloy website

WTC Amsterdam enhances security and efficiency with digital access solution

The World Trade Center (WTC) Amsterdam, home to over 300 companies, has upgraded its building security with a streamlined, digital access solution from ASSA ABLOY.
John Maddison website

Fortinet launches Lacework FortiCNAPP to enhance cloud-native security

In an advancement in cybersecurity, Fortinet has announced Lacework FortiCNAPP, providing organisations with visibility and security.
GITEX Global 2024 website

GITEX GLOBAL 2024: AI revolution drives strategic tech innovation

GITEX GLOBAL 2024 concluded on Friday, showcasing artificial intelligence (AI) as a transformative force driving business and economic growth
Scroll to Top