- Insider threats are now seen as a bigger risk than external attacks, report finds
- Nearly two-thirds of organizations faced file-related breaches in the past two years, with average costs reaching $2.7 million
- 27% use DLP tools to combat insider risks, but layered defenses are still essential
Insider cybersecurity threats - be it from malicious, disgruntled employees, or simply negligent individuals - are a bigger concern than they’ve ever been, new research has claimed.
The OPSWAT - Ponemon State of File Security Report, which surveyed 612 IT and security practitioners in the United States, found nearly half (45%) of respondents cited data leakage from insiders as the top threat to their security strategy.
This makes insider threats a bigger issue than external attacks, which was also confirmed by a different stat - almost two-thirds (61%) of respondents experienced a data breach or security incident involving unauthorized access to sensitive or confidential data in files within the past two years.
Data Loss Prevention to the rescue
For more than half of the respondents (54%), the breaches affected their bottom line.
The average cost of incidents was $2.7 million in the past two years, with two-thirds (66%) of respondents saying the average cost of all incidents in the past two years was between $500,000, and more than $10 million.
The problem is only made worse by limited visibility and control over how files are accessed, shared, and stored, the report further explained.
Many organizations apparently struggle to monitor file activity effectively, leaving them exposed to unauthorized access. Yet despite the severity of the threat, only 40% of organizations reported the ability to detect and respond to file-based threats within a day or a week.
Ponemon says that many organizations are now turning to Data Loss Prevention (DLP) technologies to mitigate these risks.
The report states that more than a quarter (27%) of respondents already deployed DLP - primarily to address insider threats. These tools can help with file monitoring, access policy enforcement, and flagging suspicious behavior.
The report also stresses that DLP alone won’t suffice, and that businesses need a comprehensive file security strategy, with layered defense.
You might also like
- New research finds AI agents exploiting valid credentials to bypass traditional security controls in enterprises
- Take a look at our guide to the best authenticator app
- We've rounded up the best password managers
