ATLANTA--(BUSINESS WIRE)--According to a recent investigative report on data breaches1, an estimated $400 million has been lost from a predicted 700 million compromised records in 2015. So which security controls are the most important in thwarting cyber crime against businesses? Anti-malware? Physical security? Believe it or not, according to a recent survey, PEOPLE are a main concern.
When recently asked about what security controls should be used to protect businesses from cyber threats, the First Advantage 2015 Cybersecurity Survey of business professionals placed employee background screening at the top of the list, even above the use of anti-malware programs and physical security. The survey, from global background screening firm First Advantage, a Symphony Technology Group company, polled a variety of professionals including human resources, risk management and C-suite executives about their attitudes toward internal and external security threats.
Sixty percent of respondents said employee background screening is the most important security control that can be put in place to protect organizations. Anti-malware was ranked second, favored by 53 percent. Physical security and physical access controls ranked third at 39 percent.
When asked about the importance of background screening of new employees in preventing security risks, 98 percent agreed that it was at least “somewhat important”. In fact, 57 percent said it is “extremely important” to do background checks.
Not only were background checks of new employees deemed highly essential, but the process of doing background checks periodically on existing employees also received high marks. Thirty-five percent said the process is “somewhat important,” 17 percent chose “very important” and 19 percent said that employee rescreening is “extremely important.”
Yet despite the priority that rescreening employee backgrounds seems to have, when asked how often employees are rescreened, a clear majority (61 percent) said that the practice is never done at their workplace. By comparison, just 13 percent of respondents rescreen annually. Ten percent do so every other year.
“The lack of ongoing, periodic background screening of existing employees that occurs is in stark contrast to its recognized importance by the same organizations,” said Mark Silver, chief security officer at First Advantage. “The fact is that an initial background check does not protect an organization in perpetuity. In order to better protect against potential insider-driven breaches, periodic rescreening should be done. Fortunately, technology now allows for groups of employees to be rescreened at once – for a fraction of the cost of the original background check.”
Other Findings
- When asked to identify specific external security threats that are most concerning, respondents indicated that professional hackers (55 percent), former employees (35 percent) and phishing schemes (31 percent) topped the list.
- Regarding the importance of background screening of vendors, respondents were less enthusiastic compared to the need for employee screening. However, 55 percent still noted that it is “extremely” or “very” important. Fifteen percent said that vendor screening is not important.
- Most cite the hit to company reputation as the top impact of a confirmed cybersecurity incident, followed by costs from potential litigation and loss of customers.
- Exposure of personally identifiable information (PII) was cited by 47 percent of respondents as the most at-risk assets, more than credit and payment data, authentication credentials, intellectual property or physical inventory.
First Advantage is preparing to host a live webinar on October 8 about the survey findings and how companies can protect their data from insider threats. Registration is free and can be done here.
Survey Methodology
First Advantage commissioned the survey
of 337 customers using the customer research platform TechValidate. All
data is self-reported by study participants and is not verified or
validated. Respondents participated in the survey between July 14 and
August 18, 2015.
About First Advantage
First Advantage provides comprehensive
background screening, identity and information solutions that give
employers and housing providers access to actionable information that
results in faster, more accurate people decisions. With an advanced
global technology platform and superior customer service delivered by
experts who understand local markets, First Advantage helps customers
around the world build fully scalable, configurable screening programs
that meet their unique needs. Headquartered in Atlanta, GA., First
Advantage has offices throughout North America, Europe, Asia and the
Middle East. More information about First Advantage can be accessed at www.fadv.com.
About Symphony Technology Group
Symphony Technology Group
(STG) is a strategic private equity firm with the mission of investing
in and being a partner in building great software and services
companies. In addition to capital, STG provides transformation expertise
to enable its portfolio companies to deliver more value to clients to
retain and attract the best talent and to achieve best-in-class business
performance. All STG portfolio companies are expected to grow through
innovation. STG’s current portfolio consists of 12 global companies with
combined revenue of approximately $2.5 billion and thousands of
employees spread across North America, Europe and Asia. For more
information, please visit www.symphonytg.com.
1 Verizon 2015 Data Breach Investigation Report