When it comes to cybersecurity, crooks need a way into our businesses and often someone gives it to them – mostly unintentionally. An understanding of who the unwitting accomplices are will help IT security to protect the organization.
In a recent survey conducted for us by research company Ovum, we asked senior security executives which employees or third parties posed the highest cybersecurity risk to their firm.
Although 77% of respondents said that their employees have sufficient information on how they can contribute to prevent breaches, internal staff were still perceived to present the biggest threat to cybersecurity. Interestingly, most respondents saw the highest risk as coming from their internal IT function – they highlighted their own departments as the weak link.
While most do think they have educated employees well, we had many comments regarding the need for further education programmes. The need to secure employees devices, particularly in a Bring Your Own Device environment was also remarked on.
In our survey we asked which factor posed the highest risk, so while internal threat was uppermost on minds, it does not mean that attack through third parties isn’t a concern. This was emphasised at a banking industry roundtable we held on the subject of cybersecurity.
Panellists talked about how they increasingly see third parties, particularly vendors, as a cybersecurity concern. IT security teams find the risk from vendors hard to quantify, as procurement and vendor relationships are often not owned by the security department. This means the team charged with keeping a firm safe from cyber-attack can struggle to assess the risks of outsourced services. Our panellists were interested to hear about the FICO Enterprise Solution Score, which allows organizations to assess and compare third party risk easily and accurately.
Ultimately, our survey served to show the complexity of cybersecurity threat that businesses today face. Cybersecurity teams need all the support they can get to fight this war on many fronts.
You can see more results of our survey with Ovum on our cybersecurity survey page.