Finance department faces biggest insider threat risk, finds research

But closer employee monitoring raises privacy concerns

Finance is the department most at risk from insider threats, according to the latest Computing research.

Respondents were asked to rank corporate departments in order of their risk from insider threats, and finance came out just ahead of sales and marketing, and IT.

The rest of the list, in decreasing order of risk, was supply chain, board of directors, legal and research and development.

When respondents were asked what they believe lies behind the increased threats to business from insiders, 83 per cent put it down to a lack of understanding from employees of data security issues.

This suggests that security training schemes are not having the required effect, despite repeated calls from experts for firms to train new starters, and continue to offer refresher courses throughout every employee's career.

Sixty-three per cent of respondents cited increasing use of personal mobile devices both on and off network as the reason behind the increased insider threat, and 40 per cent said it was increasing pressure on staff to deliver, leading to more out of hours work.

The research also encompassed privacy issues, with employee monitoring services often touted as a valid response to the insider threat, despite its potential to infringe on human rights.

Half of respondents declared themselves 'somewhat concerned' by privacy issues at work, and 22 per cent were 'very concerned'.

However, most were relatively happy with the balance struck by their organisation between security and freedom, with 60 per cent declaring themselves to be 'more or less satisfied' despite the constantly shifting boundaries between total lock-down and complete openness.

However, five per cent were less happy, stating that their organisations were too trusting, and needed to lock down further, and more closely monitor employee activities.

Register for Computing's upcoming webinar 'Tackling insider threats without becoming Big Brother', for a full breakdown of this research, and to hear from Mike Smart, director at Forcepoint, and lawyer Katherine Gibson, senior associate at DLA Piper.

The webinar will be broadcast live at 11am on Wednesday 14 September.