So Sage got hit by a cyber-attack during the weekend. According to first reports, it was a result of an 'unauthorised access' by someone, who had internal company computer login credentials. It's safe to say this happened either because of employee negligence, or because of an unsatisfied employee.
Either way, an insider threat. Yet, a recent whitepaper by Splunk and IDC says that just 12 per cent of companies are actually worried about a malicious insider attack. All I can think of at the moment is ‘be afraid, be very afraid’.
But this is not the only worrying result the report gives – just above a quarter (27 per cent) of businesses worry about poor end-user security practices.
Yet, almost half (40 per cent) are worried about getting their data stolen, suffering unauthorised access, or losing company and customer data. Companies do make a distinction between malicious insiders and hapless users – the latter worry them more, as they’re more prone to virus attacks, APTs, or phishing. But because companies focus on ‘traditional, perimeter-based security measures’, they’re failing. The report says they’re looking in the wrong places to detect these attacks.
Some companies have no ways to detect activities leading up to a breach. Just 12 per cent use behavioural analytics, and 27 per cent use basic detection methods, such as log management.