So often, we as business owners get so focused on looking at the things that come at us from the outside that we forget what lurks within our own walls. Insider attacks are actually more threatening to data security than outsider attacks. The driving forces are usually things like fraud, financial gain, IP theft, sabotage, and espionage. In fact, a survey of 400,000 members of the Cybersecurity Insiders community revealed the following statistics:
- 70% of organizations are seeing more frequent insider attacks
- 60% of these organizations had experienced at least 1 insider attack in the last 12 months
- 85% reported it being difficult to fully see the damage caused by these attacks
- 56% of the respondents said it became more difficult to detect an insider attack once they migrated to the cloud
Given these sobering statistics, what can you do?
Taking the time to implement some simple strategies can go a long way. User training is the biggest way to deter insider threats. Companies can also use activity monitoring, information security governance programs, and database activity monitoring, ideally in combinations of two or more of these options. Whatever you decide to do, fully commit to it to better ensure you are hardened against insider attack.
Email – The Necessary Evil
Question for everyone: How many emails do you send or receive every day?
If you are like me, the amount is probably a hundred or more. A better question is how confident do you feel in being able to spot a malicious email?
The Barracuda Network’s recently released 2019 Email Security Trends report stated that 85% of U.S.-based companies suffered an email attack. Look at these statistics from the report:
- 43% reported being infected through spear-phishing attacks
- Only 9% report confidence in their systems being able to catch threats before they hit users’ inboxes
- 90% of Office 365 users are concerned with the security of the office suite
Experts point to AI (Artificial Intelligence) as one possible way to enhance email security. Coupled with machine learning, it creates the potential to detect things that humans can miss.
Email attacks aren’t going away. In fact, it is becoming more difficult to accurately identify malicious emails. MindSpout can work with you and your organization to determine what are the best tools and techniques to deploy. Every business is different and every business has different risks and vulnerabilities. Let us help you protect you, your staff, and your clients with the right tools tailored for your organization.
“People always make the best exploits. I’ve never found it hard to hack most people. If you listen to them, watch them, their vulnerabilities are like a neon sign screwed into their heads.” – Elliot Anderson
Call MindSpout today for your complimentary business analysis!