Blog article
See all stories »

Who’s to blame for the breach?

The latest report from PwC, surveying 1,330 financial sector employees across 79 countries, has exposed that about 38 percent of the incidents were caused by an internal source. IT staff rank the highest as a potential internal threat because they have means and opportunity to commit a crime.

Recent security breaches have highlighted the importance of the human factor in facilitating hacking attacks that are fully or partially caused by insiders. To be able to understand insider threats, what is really important to recognise is the complexity of user relationships within a financial organisation. Quite often senior people who have access to sensitive data are difficult to challenge because of their high professional stature. Or it could be an average worker who has access to information that they are not supposed to view.

The steep rise in data theft perpetrated by employees raises important concerns over how organisations are tackling data security issues related to misuse of sensitive data by employees. As organisations open their networks to multiple remote users and devices and struggle with an explosion in identity and access related data, it’s becoming increasingly hard to track and manage access to sensitive information.

These situations create significant risks for organisations as poor control of access to sensitive data can lead to costly data breaches and loss of intellectual property. To overcome these challenges, financial organisations need ‘intelligent’ systems that can analyse multiple risk factors and detect suspicious behaviour ideally before it causes significant damage to their business.

Our own research into the issue showed that nearly 1 in 5 of U.S. workers aged between 18 and 34 would take confidential company information with them if they are leaving the organisation. It is even more alarming that nearly 1 in 6 of the surveyed employees admitted that they have been able to use old work usernames and passwords to access a former employer's computing systems. While these are US figures, it’s very likely that these attitudes are also replicated in Europe.

To tackle the risk of insider theft, financial organisations need more automated ways to monitor and analyse access risk data in real time. This will enable banks, for example, to quickly identify misuse of access privileges and take appropriate actions to mitigate the potential damage for their organisation. With the use of real-time access insight organisations will be able to pinpoint not only existing security vulnerabilities but also potential risk areas and identify the actual causes for these risks. This will result in improved control over how sensitive data is being used and shared by employees, and a better understanding of access risk.


Comments: (2)

A Finextra member
A Finextra member 10 March, 2014, 19:32Be the first to give this comment the thumbs up 0 likes

There are solutions available that take insiders out of the scope of sensitive information. Obviously it's difficult (impossible?) to completely remove the need for the human element at some point in the infastructure but there are certainly available options to reduce the risk by a huge amount. 

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 11 March, 2014, 15:35Be the first to give this comment the thumbs up 0 likes

Interesting post, the findings of which resonate with my personal experience. I recall a large bank in the USA embarking upon the implementation of an Identity Management solution to cut down the time it took to onboard new employees into its IT landscape from 15 days to half a day. Midway through the project, it was found that disabling access rights was taking 4 months after an employee left the bank. As a result, what started as a "joiners" project quickly expanded to cover 
"joiners and leavers".