- Internal threats are now considered a higher risk than external attacks, reports the report
- Almost two thirds of organizations faced infractions related to the files in the last two years, with average costs that reached $ 2.7 million
- 27% use DLP tools to combat internal risks, but layers in layers remain essential
Internal cybersecurity threats, whether malicious and unhappy employees, or simply negligent individuals, are a greater concern than ever, according to new research.
The File Opswat – Ponmon state security report, which surveyed 612 IT professionals and security in the United States, found that almost half (45%) of respondents cited the data leakage of experts as the main threat to their security strategy.
This makes internal threats a problem greater than external attacks, which was also confirmed by a different statistic: almost two thirds (61%) of respondents experienced a data violation or a security incident that implied unauthorized access to confidential or confidential data in files in the last two years.
Data loss prevention to rescue
For more than half of the respondents (54%), the infractions affected their results.
The average cost of the incidents was $ 2.7 million in the last two years, with two thirds (66%) of the respondents saying that the average cost of all incidents in the last two years was between $ 500,000 and more than $ 10 million.
The problem only worsens for limited visibility and control over how the files are accessed, shared and stored, the report explained.
Apparently, many organizations struggle to monitor archive activity effectively, leaving them exposed to unauthorized access. However, despite the seriousness of the threat, only 40% of organizations reported the ability to detect and respond to files based on files within a day or a week.
Ponmon says that many organizations are now using data prevention technologies (DLP) to mitigate these risks.
The report establishes that more than a quarter (27%) of respondents already implemented DLP, mainly to address internal threats. These tools can help with file monitoring, the application of the access policy and the marking of suspicious behaviors.
The report also emphasizes that DLP will only be enough, and that companies need a comprehensive file security strategy, with layer defense.
Through Infosecurity magazine
