Clearswift sounds IT security alarm over ‘the enemy within’

Mobile phone with open padlock image

Cyber security company Clearswift has claimed the most serious threats to businesses' data comes from inside the organisation itself.

The research found that 83 per cent of organisations had experienced a data security incident of some form in the past year, whether by accident or through malicious activity.

While external threats are, according to Clearswift, still a focus for many companies' data security strategies (69 per cent), only 42 per cent are of this origin.

Of the remaining 58 per cent, 33 per cent of breaches are the result of the activities of current employees, 18 per cent are from third parties such as contractors, and seven per cent are from ex-employees.

Guy Bunker, senior vice president at Clearswift, said: "These findings are a wake-up call to UK businesses. Internal threats don't make the headlines quite as much as Far Eastern hackers, but must be taken more seriously by businesses as they are having a major impact on organisations far beyond the confines of the IT department."

In its analysis of the results, Clearswift laid the blame for the rise of internal threats firmly at the door of the bring your own device' (BYOD) trend, as well as the use of cloud-based tools and the sharing of information with third parties without proper security protocols.

According to the report, only 31 per cent of organisations are accepting or proactively managing BYOD. This, Clearswift claims, is an attitude that must change in order to avoid further security incidents.

"Any organisation that does not take BYOD seriously is simply setting themselves up for a fall. It must be recognised within the security policy or there will be repercussions for the business - compliance, regulation, financial costs in the form of hefty fines, as well as reputational damage of the organisation," Bunker concluded.

Jane McCallion
Deputy Editor

Jane McCallion is ITPro's deputy editor, specializing in cloud computing, cyber security, data centers and enterprise IT infrastructure. Before becoming Deputy Editor, she held the role of Features Editor, managing a pool of freelance and internal writers, while continuing to specialise in enterprise IT infrastructure, and business strategy.

Jane holds an MA in journalism from Goldsmiths, University of London, and a BA in Applied Languages from the University of Portsmouth. She is fluent in French and Spanish, and has written features in both languages.

Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.