Thales Blog

The Changing Nature of the Insider Threat – Europe

June 15, 2015

Sol Cates Sol Cates | Principal Technologist, Data Protection More About This Author >

The threat to businesses from insider threats changes daily. As new IT initiatives are deployed across the organisation, and new users are given access to corporate resources, there is always a risk that they will end up being exploited in some way. Our latest research into this particular threat tells us that European organisations are finding it almost as difficult to deal with now as they were 12 months ago.

ClickToTweet: The New Nature of Insider Threats – Europe @solcates

When we ran the survey in 2014, only nine percent of organizations said they felt safe. Although that has slightly improved to 13 percent in 2015, this means that the vast majority of organizations recognize that the insider threat is a very big problem for them. One reason for this, which my colleague Tina Stewart covered on her recent blog, is that privileged users are extremely difficult to manage – 38 percent of the organizations surveyed in 2014 said that privileged users posed the biggest risk to data – which has jumped up to 54 percent this year.

Businesses are of course taking proactive steps to address the threat, and it is interesting to consider the various drivers that are motivating firms to ensure their data is kept secure.  Compliance, as it was last year, is the top reason for securing sensitive data in Europe, but reputation and brand protection are now very close behind. This really encapsulates the nature of the problem.


Compliance mandates are critically important for organizations in regulated businesses, but, by their nature, they are extremely rigid and prescribed – which is at odds with the rapidly changing and agile threats that we see developing daily. There are many examples of organizations that have been perfectly compliant still being breached. As a result, businesses are starting to realize that, while compliance remains as essential as ever, there is increasing need to implement solutions that will also act to defend reputation and other aspects of the business.  Indeed, the top European IT security spending priorities according to the latest research are the protection of Intellectual Property (at 52 percent) and simply preventing a data breach incident (at 48 percent). It’s also worth noting that, when a highly publicized breach occurs, such as the one that affected Sony, other businesses operating within the same sector learn about the extent of the damage that could be inflicted on their own organization and what that could cost in monetary terms – greatly helping to inform investment decisions.


Looking ahead, and with the parade of data breach incidents bound to continue, we’re likely to see organizations increase the volumes of data protected by the combination of encryption and access controls.  This combination effectively limits the who, what, when, where and how of data availability.  The result, even when firewalls and networks have been breached and internal accounts compromised, or an insider goes rogue, the data available for theft to an attacker is severely limited, mitigating the impact of  breach.

To find out more about the latest insider threat research, and to download the report, visit our dedicated page here.