The success of any modern organisation is directly related to how their people efficiently use information technology.
But the most severe cyber security threat faced by any organisation will come from the accidental or malicious involvement of members of its staff or related stakeholders. This also includes guests and third-party contractors who are given access to the IT system to complete their assignments.
While complex technically advanced cyber attacks may be fully automated, most successful attacks involve one or more ‘insider actors’. The Verizon DBIR Report (2016) confirmed that 60% of security incidents involved insiders. Of these incidents, 29% were due to deliberate malicious actions, with the remainder resulting from a simple mistake by well-intentioned people.
Most security tools only analyse computer, network, or system data. To stop insider threats, every organisation must continuously and automatically monitor all user activity. Raising security awareness and preventing further action at the point of violation has been proven to reduce insider risk by up to 50%.