New Report Reveals How Accidental Insider Threats Put Organizations at Real Risk

November 29, 2017

A new report from NTT Security reveals that approximately 25% of insider threats are hostile with the remaining 75% due to accidental or negligent activity.

The 2017 Global Threat Intelligence Center (GTIC) Quarterly Threat Intelligence Report also details how insider threats can put an organization at risk without even knowing it. In fact, the GTIC indicates that 30% of all insider threats put an organization at risk without being aware of the vulnerability.

“Whether it’s an accidental insider threat, where an employee sends sensitive documents to a competitor‘s email or a negligent insider threat, where an employee downloads unauthorized software and spreads a virus through the company, organizations must have a cybersecurity plan in place to minimize these risks,” said Steven Bullitt, Vice President Threat Intelligence & Incident Response, GTIC, NTT Security. “The GTIC Quarterly Threat Intelligence Report documents that in instances when organizations do not have a proactive cybersecurity plan in place, the consequences can be devastating. In fact, NTT Security has seen damages due to insider breaches reach more than $30 million USD. Even in organizations that have well-defined incident response plans, they often don’t provide adequate remediation provisions for insider breaches, leaving the organization less prepared to react quickly.“

Other findings from the report include:

A notable increase in the number of security events during Q3 ’17 - up 24 percent from Q2 ‘17
The finance industry had the most detections for malicious activity in Q3 ‘17 - representing 25% of all cybersecurity attacks
Rounding out the top five targeted industries were: manufacturing at 21%, business services at 16%, health care at 13% and technology at 12%
Phishing campaigns and malware infections both increased by more than 40% over Q2 ‘17
Attacks from China moved up from the number three spot in Q2 ‘17 to number two in Q3 ‘17
As an attack source, India also made a huge jump from outside the top 10 up to number three, most likely due to outside actors leveraging vulnerable and/or compromised infrastructure.

www.nttsecurity.com/en-us/gtic-2017-q3-threat-intelligence-report

Pandemics, Recessions and Disasters: Insider Threats During Troubling Times

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Industrial Cybersecurity: What Every Food & Bev Executive Needs to Know

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

Poll

Who has ownership or primary responsibility of video surveillance at your enterprise?

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

New Report Reveals How Accidental Insider Threats Put Organizations at Real Risk

The latest news and information

Content written for business-minded executives who manage enterprise risk and security

New Report Reveals How Accidental Insider Threats Put Organizations at Real Risk

Related Articles

Related Products

The latest news and information

Content written for business-minded executives who manage enterprise risk and security