Skip to main content

IBM wants you to be paranoid about your employees

Insider threats are still the most dangerous threat to businesses everywhere, according to new research.

The IBM X-Force Cyber Security Intelligence Index, an annual report on the cyber-security landscape that got released recently, says your next attacker is likely to be someone you thought you could trust.

Looking at the stats, 2015 was, and wasn’t a really good year for cyber-security. There have been 64 per cent more security incidents than a year before. The increase in incidents is, according to the report, the result of improvements in detection and policy refinement. So that’s a good thing, I guess.

A year in numbers has shown that the average company suffered 178 incidents last year, up 66 per cent from a year before, when there were 109 incidents. Splitting the number on a weekly basis, and you get 3.4 attacks every week, up from 2 in 2014.

A previously known vulnerability, dubbed Shellshock, was one of the key players in the majority of last year’s attacks. Shellshock is a flaw in the Bash shell, used widely in Linux, Solaris and Mac OS systems, that’s been around for more than two decades.

It was only discovered about a year ago.

“It’s easy to look at those numbers and convince yourself that yours isn’t the “average” company”, IBM says in the report. “Your organization is too big, or too small, or too specialized to be considered average. Besides, you’ve got some pretty decent safeguards in place. And the people who work there wouldn’t hurt a fly—let alone do anything that could lead to a security breach.”

“It’s easy to think all those things. It’s more difficult to face the reality that your organization may already have been breached, or may even be under attack at this very moment.”

Image Credit: Manczurov / Shutterstock