13th January, 2015

Could the biggest cyberthreat be coming from within?

As Australian businesses continue to beef up their IT security against external threats, new research suggests that investing in protection from other sources is also growing in importance. While hacks and cyber​attacks from the outside garner much of the media attention, internal data breaches are becoming more prevalent than ever.

The latest high-profile insight in this area comes from Forrester Research, which found that the most common form of data breaches are now internal ones. The research group revealed that, overall, 60 per cent of brands will have some of their sensitive data breached this year.

Importantly, Forrester also found that businesses may now want to keep a closer eye on cyberthreats within the organisation. According to Forrester, internal incidents (46 per cent) are the most common, compared to a 33 per cent of breaches coming from an external attack.

Malicious intent was responsible for 46 per cent of internal breaches, while accidents accounted for 42 per cent.

These findings are backed up by Ponemon Institute’s ‘2013 Cost of Data Breach Study: Global Analysis’, sponsored by Symantec. The study found that more than a third (35 per cent) of data breaches are caused by human factor – that is, a negligent employee or contractor.

“While external attackers and their evolving methods pose a great threat to companies, the dangers associated with the insider threat can be equally destructive and insidious,” explains Larry Ponemon, chairman of Ponemon Institute.

“Eight years of research on data breach costs has shown employee behaviour to be one of the most pressing issues facing organisations today, up 22 percent since the first survey.”

Wherever they come from, data breaches and other cyberthreats can impose a significant burden – financial and otherwise – on companies. That is why it’s a necessity to ensure you have an adequate business insurance policy that will cover cyber-related incidents.

The true cost of a data threat

The Ponemon Institute report goes on to outline just how costly a cyber​attack or data breach can be.

According to the study, the average cost of an organisational data breach in Australia is US$4.1 million. This places the country third highest on the list, behind only the US and Germany.

Additionally, the report found that Australia recorded the highest number of breached records among the analysed countries, with the average Australian company experiencing 34,249 breached records.

With the right security measures in place and a comprehensive cyber protection insurance package to back you up, you don’t have to let such incidents drag your business down.

Author: Murray Bruce