Nearly half of UK companies have experienced a data breach according to the 2016 security pressures report from Trustwave.
The survey of 1,414 IT professionals globally, including 204 from the UK, also found that unauthorised file transfers were the biggest worry of IT decision makes when it came to security threats inside an organisation, with 32%. 18% most fear installation of unauthorised software, 17% the modification or escalation of system access, 13% weak passwords, 12% a failure to install updates and patches with 8% then seeing a general lack of security training as the biggest risk.
However most still see a greater threat from external threats, with 64% saying they are worried more by those, compared with 17% for non-malicious internal, and 19% from malicious internal threats.
Perhaps most worryingly, 70% say they have felt pressure to release IT projects before they feel they’re security.
Concluding, the report states: “Security isn’t only about safeguarding the sensitive data under your control. Assessing, inventorying and classifying that critical information – including where it lives and how it moves – will help you understand your risk exposure and allow you to more methodically protect the data.
“Similarly, you should focus on key systems, evaluating their criticality and verifying their patch status. Remember to also account for data and IT shared with third-party business partners, which are just as susceptible to attacks as you are and which can serve as a launching pad into your environment.
“Every single user on your network has a role to play in keeping the company secure. After all, human error, in some capacity, is responsible for nearly all security incidents. But for this reality to resonate, you must create a culture of cross-departmental security. C-level executives can lead the charge from the top down, but ultimately the culture must be established as a collective effort among everyone.