Insider threats serious, but mostly solved internally

CIOL Bureau

BANGALORE, INDIA: Most data breach cases in the IT/BPO industry are carried out by insider employees who do not have privileged access. These attacks are carried out using social engineering techniques and from someone else's computer account, finds a new study on insider threat in the IT/BPO industry.

'The threat within', a study by the Data Security Council of India (DSCI) and PwC, looked into the insider threat environment of the IT/BPO industry in India and the efforts taken by service providers and their clients to mitigate insider risks. It also found that most data breaches are solved internally in organisations without involving any legal agencies.

According to the study findings, all service provider organisations believe that current employees are the primary source of insider incidents.

More than 50 per cent of the service provider organisations revealed that insiders who do not work in the IT department, and consequently do not have privileged access, have carried out insider incidents at their organisations.

Key findings:

All the client organisations have mandated their service providers to conduct background checks of their employees, but employee verification processes are not standardised, as service providers are subject to client-driven criteria.

As per 89 per cent of the service provider organisations, behavioural motivation to break existing norms is the primary motivator that leads to insider threat. However, 75 per cent of the client organisations believe that personal financial gain is the prime motive for insiders at service provider organisations.

More than half of the respondents from the service provider and client organisations believe that social engineering and 'someone else's computer account' are used by insiders to commit a breach in service provider organisations.

As per the survey, 89 per cent of service provider organisations resolved the cases of insider incidents internally, without involving a legal agency. Only 22 per cent of service providers initiated legal action against perpetrators.

More than 88 per cent of the service providers have defined an insider incident response plan to manage insider incidents in their organisations.

Almost 67 per cent of service provider organisations have experienced that insider incidents carried out in their organisation were due to unintentional exposure of private and sensitive information. This has been strongly supported by the client organisations.

Audit and review is still the primary source of identification and learning about insider incidents, with around 80 per cent of service provider organisations and 75 per cent of client organisations being alerted about insider incidents at service provider organisations through this method.
