28 August 2015


Marc Lee - Courion


Who’s to blame for the breach?

06 March 2014

The latest report from PwC, surveying 1,330 financial sector employees across 79 countries, found that about 38 percent of incidents were caused by an internal source. IT staff rank the highest as a potential internal threat because they have the means and opportunity to commit a crime.

Recent security breaches have highlighted the importance of the human factor in attacks that are fully or partially caused by insiders. To understand insider threats, it is important to recognise the complexity of user relationships within a financial organisation. Quite often, senior people who have access to sensitive data are difficult to challenge because of their high professional stature. Or the risk could be an average worker who has access to information that they are not supposed to view.

The steep rise in data theft perpetrated by employees raises important concerns over how organisations are tackling data security issues related to misuse of sensitive data by employees. As organisations open their networks to multiple remote users and devices and struggle with an explosion in identity and access related data, it’s becoming increasingly hard to track and manage access to sensitive information.

These situations create significant risks for organisations as poor control of access to sensitive data can lead to costly data breaches and loss of intellectual property. To overcome these challenges, financial organisations need ‘intelligent’ systems that can analyse multiple risk factors and detect suspicious behaviour ideally before it causes significant damage to their business.

Our own research into the issue showed that nearly 1 in 5 U.S. workers aged between 18 and 34 would take confidential company information with them if they were leaving the organisation. It is even more alarming that nearly 1 in 6 of the surveyed employees admitted that they have been able to use old work usernames and passwords to access a former employer's computing systems. While these are U.S. figures, it’s very likely that these attitudes are also replicated in Europe.

To tackle the risk of insider theft, financial organisations need more automated ways to monitor and analyse access risk data in real time. This will enable banks, for example, to quickly identify misuse of access privileges and take appropriate action to mitigate the potential damage to their organisation. With real-time access insight, organisations will be able to pinpoint not only existing security vulnerabilities but also potential risk areas, and identify the actual causes of these risks. This will result in improved control over how sensitive data is being used and shared by employees, and a better understanding of access risk.

Tags: Security, Risk & regulation

Comments: (2)

A Finextra member | 10 March, 2014, 19:32

There are solutions available that take insiders out of the scope of sensitive information. Obviously it's difficult (impossible?) to completely remove the need for the human element at some point in the infrastructure but there are certainly available options to reduce the risk by a huge amount.

Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 11 March, 2014, 15:35

Interesting post, the findings of which resonate with my personal experience. I recall a large bank in the USA embarking upon the implementation of an Identity Management solution to cut down the time it took to onboard new employees into its IT landscape from 15 days to half a day. Midway through the project, it was found that disabling access rights was taking 4 months after an employee left the bank. As a result, what started as a "joiners" project quickly expanded to cover "joiners and leavers".


Marc's profile

Job title: EMEA Sales Director
Location: London
Member since: 2013

I'm responsible for growing Courion's business across EMEA and building sales and channel programmes in the region.
