Finance department faces biggest insider threat risk, finds research

Stuart Sumner
clock
Finance department faces biggest insider threat risk, finds research

But closer employee monitoring raises privacy concerns

Finance is the department most at risk from insider threats, according to the latest Computing research.

Respondents were asked to rank corporate departments in order of their risk from insider threats, and finance came out just ahead of sales and marketing, and IT.

The rest of the list, in decreasing order of risk, was supply chain, board of directors, legal and research and development.

When respondents were asked what they believe lies behind the increased threats to business from insiders, 83 per cent put it down to a lack of understanding from employees of data security issues.

This suggests that security training schemes are not having the required effect, despite repeated calls from experts for firms to train new starters, and continue to offer refresher courses throughout every employee's career.

Sixty-three per cent of respondents cited increasing use of personal mobile devices both on and off network as the reason behind the increased insider threat, and 40 per cent said it was increasing pressure on staff to deliver, leading to more out of hours work.

The research also encompassed privacy issues, with employee monitoring services often touted as a valid response to the insider threat, despite its potential to infringe on human rights.

Half of respondents declared themselves 'somewhat concerned' by privacy issues at work, and 22 per cent were 'very concerned'.

However, most were relatively happy with the balance struck by their organisation between security and freedom, with 60 per cent declaring themselves to be 'more or less satisfied' despite the constantly shifting boundaries between total lock-down and complete openness.

However, five per cent were less happy, stating that their organisations were too trusting, and needed to lock down further, and more closely monitor employee activities.

Register for Computing's upcoming webinar 'Tackling insider threats without becoming Big Brother', for a full breakdown of this research, and to hear from Mike Smart, director at Forcepoint, and lawyer Katherine Gibson, senior associate at DLA Piper.

The webinar will be broadcast live at 11am on Wednesday 14 September.

More on Server

The Port of London Authority maintains the integrity of the Thames from Teddington Lock to the North Sea

Cyberattack affects Port of London website

A suspected Iranian group has launched a DDoS attack against the Port of London's website and boasted about it on Telegram.

Tom Allen
clock 24 May 2022 • 2 min read
Application security: shift-left is necessary but insufficent

Application security: shift-left is necessary but insufficent

Integrating security checks into code should be seen as part of a bigger picture, says Kubecon panel

John Leonard
clock 20 May 2022 • 4 min read
Image: Eurovision

Italian police block pro-Russia attacks during Eurovision

The authorities foiled cyberattacks pro-Russian groups Killnet and Legion during the 2022 Eurovision Song Contest in Turin last week.

Tom Allen
clock 16 May 2022 • 3 min read