The majority of IT departments have little idea about how many sensitive files they have or where they are stored, research has revealed.
Two-fifths of respondents to an Imperva survey carried out at this year's RSA Conference said they were completely clueless about the volume of sensitive files in their organisation.
Furthermore, almost two-thirds of the security professionals quizzed said they weren't even aware of who had access to such files.
Nearly a third said their company had lost data due to employees abusing access rights, on purpose or by accident.
"With so many respondents unsure of how many sensitive files they have and how accessible they are, it indicates a general lack of control over sensitive data, which increases the likelihood of an insider breach," said Amichai Shulman, chief technology officer (CTO) of Imperva.
"The first step to a solid data security plan is taking inventory of your sensitive files and knowing where they are and who has access to them at all times. Only with this complete picture will you be able to guard against insider threat by detecting when sensitive data is being added or removed, or when an employee is improperly accessing files."
In more positive findings, 82 per cent of respondents said breaches such as WikiLeaks inspired them to reconsider security policies.
However, 57 per cent said they would not be investing more money into data security following the WikiLeaks saga.
Read on for our look at the insider threat and what businesses need to do to protect themselves.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Wikileaks 'hacked' by OurMineNews The whistleblowing site was supposedly breached, but the attack was found to be a simple DNS spoof
-
Sweden drops rape charges against Julian Assange
News Assange may still remain in hiding, however
-
Cisco discloses Vault 7 vulnerabilitiesNews Internal analysis seems to have identified bug revealed by WikiLeaks
-
Apple iOS 10.2.1 protects users from Weeping AngelAnalysis Security community says Vault 7 content is "no surprise", but reckless
-
WikiLeaks ‘exposes people’s personal data’ in leaked filesNews Rape victims and other innocent people named in WikiLeaks documents, says AP
-
Pressure mounts on US justice department to drop Wikileaks investigation
News Human rights organisations claim investigation could put all journalists at risk of prosecution
-
Julian Assange unlikely to be charged by US governmentNews No way to prosecute Assange without also taking legal action against journalists.
-
Bradley Manning found guilty of espionageNews US Soldier Bradley Manning could face up to a 136-year jail sentence.
