The continued adoption of cloud technologies and a lack of visibility into them, the Great Resignation and employees taking IP and sensitive data with them, and a disconnect between executives and IT workers are leading to increased insider risk, according Code42.
The insider risk management software firm’s Annual Data Exposure Report for 2022 finds that organizations face a 37% chance that they will lose IP when employees quit. Nearly all (96%) or respondents to the company’s survey say they have challenges protecting corporate data from insider risks, but most don’t have resources dedicated to mitigating that risk.
According to the report, just 21% of companies have cybersecurity budgets dedicated to tackling insider risk, and 91% of senior cybersecurity leaders think their organization’s executives need to better understand insider threats.
Insider threats have increased dramatically over the last two years, as millions of employees leave their jobs each month, with a record 4.5 million doing so in November alone. That means sensitive information could be leaving organizations in troves with their departing employees.
The report found that organizations have a general lack of visibility about that issue, as 71% said they are both concerned about sensitive data being stored outside of corporate storage and don’t know the details of the sensitive data employees take to other companies.
On the disconnect between executives security leaders and security practitioners, the report found that 57% of cybersecurity practitioners aren’t consulted by cybersecurity leaders when making decisions about the company’s security strategy. However, 56% of all cybersecurity professionals don’t think they have a seat at the table when business decisions are made.
And, 91% of respondents think their organization’s executives need to better understand insider risk.
Overall, entire organizations need better data security training, the report found, as 96% agreed on the need to improve awareness. About one-third say they need to completely overhaul that training, with 63% of public sector organizations saying the same.
Joe Payne, Code42 president and CEO, says employee turnover and remote work are wreaking havoc on security teams and efforts to protect IP.
“Companies must fundamentally shift to a modern data protection approach – Insider Risk Management (IRM) – that aligns with today’s cloud-based, hybrid-remote work environment and can protect the data that fuels their innovation, market differentiation and growth,” he says.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply