Corporations will take a much tougher approach to insider security threats by penalizing employees who “invite a data breach”, according to a new survey.
The study, titled Defending Data: Turning Cybersecurity Inside Out With Corporate Leadership Perspectives on Reshaping Our Information Protection Practices, suggests that employers are increasingly less tolerant over poor cybersecurity practices.
Unsurprisingly, the overwhelming majority (93%) of respondents consider “human behavior” to be the greatest weakness when it comes to data protection.
"There’s a recognition now that everyone is responsible for cybersecurity, not just those working in IT."
As one financial services leader noted: “There’s a recognition now that everyone is responsible for cybersecurity, not just those working in IT.”
Consequently, Nuix, which commissioned the survey, believes that corporations will start to reprimand employees that “misunderstand, misinterpret, or miscalculate longstanding security policies and procedures”.
The issue of insider threats has become so widespread that Nuix predicts that those corporations that don’t implement an insider threat program will be forced to do so by the courts.
Further, as Keith Lowry, senior vice president of business threat intelligence and analysis at Nuix, explained, with more victims of data breaches looking to prove negligence on the part of a data custodian, maintaining high standards of security is paramount.
“Regulators such as the Federal Trade Commission in the US also have the authority to enforce cybersecurity laws, which further complicates the environment,” he added.
The survey also found that most organizations believe that information security is one of the highest priorities in corporations, alongside profitability.
Nuix went on to predict that new technologies will help companies develop much stronger security protocols, as well as encourage greater employee awareness.
The survey hopes to help curb some of the main issues relating to insider security threats, contributing to improving cybersecurity on a global scale.