Significant Threats to Data Security Lurk Within, Professionals Say

Poll of human resource experts shows widespread concern of internal threats to cybersecurity

ATLANTA--()--According to a recent investigative report on data breaches1, an estimated $400 million has been lost from a predicted 700 million compromised records in 2015. So which security controls are the most important in thwarting cyber crime against businesses? Anti-malware? Physical security? Believe it or not, according to a recent survey, PEOPLE are a main concern.

When recently asked about what security controls should be used to protect businesses from cyber threats, the First Advantage 2015 Cybersecurity Survey of business professionals placed employee background screening at the top of the list, even above the use of anti-malware programs and physical security. The survey, from global background screening firm First Advantage, a Symphony Technology Group company, polled a variety of professionals including human resources, risk management and C-suite executives about their attitudes toward internal and external security threats.

Sixty percent of respondents said employee background screening is the most important security control that can be put in place to protect organizations. Anti-malware was ranked second, favored by 53 percent. Physical security and physical access controls ranked third at 39 percent.

When asked about the importance of background screening of new employees in preventing security risks, 98 percent agreed that it was at least “somewhat important”. In fact, 57 percent said it is “extremely important” to do background checks.

Not only were background checks of new employees deemed highly essential, but the process of doing background checks periodically on existing employees also received high marks. Thirty-five percent said the process is “somewhat important,” 17 percent chose “very important” and 19 percent said that employee rescreening is “extremely important.”

Yet despite the priority that rescreening employee backgrounds seems to have, when asked how often employees are rescreened, a clear majority (61 percent) said that the practice is never done at their workplace. By comparison, just 13 percent of respondents rescreen annually. Ten percent do so every other year.

“The lack of ongoing, periodic background screening of existing employees that occurs is in stark contrast to its recognized importance by the same organizations,” said Mark Silver, chief security officer at First Advantage. “The fact is that an initial background check does not protect an organization in perpetuity. In order to better protect against potential insider-driven breaches, periodic rescreening should be done. Fortunately, technology now allows for groups of employees to be rescreened at once – for a fraction of the cost of the original background check.”

Other Findings

  • When asked to identify specific external security threats that are most concerning, respondents indicated that professional hackers (55 percent), former employees (35 percent) and phishing schemes (31 percent) topped the list.
  • Regarding the importance of background screening of vendors, respondents were less enthusiastic compared to the need for employee screening. However, 55 percent still noted that it is “extremely” or “very” important. Fifteen percent said that vendor screening is not important.
  • Most cite the hit to company reputation as the top impact of a confirmed cybersecurity incident, followed by costs from potential litigation and loss of customers.
  • Exposure of personally identifiable information (PII) was cited by 47 percent of respondents as the most at-risk assets, more than credit and payment data, authentication credentials, intellectual property or physical inventory.

First Advantage is preparing to host a live webinar on October 8 about the survey findings and how companies can protect their data from insider threats. Registration is free and can be done here.

Survey Methodology
First Advantage commissioned the survey of 337 customers using the customer research platform TechValidate. All data is self-reported by study participants and is not verified or validated. Respondents participated in the survey between July 14 and August 18, 2015.

About First Advantage
First Advantage provides comprehensive background screening, identity and information solutions that give employers and housing providers access to actionable information that results in faster, more accurate people decisions. With an advanced global technology platform and superior customer service delivered by experts who understand local markets, First Advantage helps customers around the world build fully scalable, configurable screening programs that meet their unique needs. Headquartered in Atlanta, GA., First Advantage has offices throughout North America, Europe, Asia and the Middle East. More information about First Advantage can be accessed at www.fadv.com.

About Symphony Technology Group
Symphony Technology Group (STG) is a strategic private equity firm with the mission of investing in and being a partner in building great software and services companies. In addition to capital, STG provides transformation expertise to enable its portfolio companies to deliver more value to clients to retain and attract the best talent and to achieve best-in-class business performance. All STG portfolio companies are expected to grow through innovation. STG’s current portfolio consists of 12 global companies with combined revenue of approximately $2.5 billion and thousands of employees spread across North America, Europe and Asia. For more information, please visit www.symphonytg.com.

1 Verizon 2015 Data Breach Investigation Report

Contacts

Kohnstamm Communications
Aaron Berstler, 651-789-1264
aaron@kohnstamm.com

Release Summary

First Advantage 2015 Cybersecurity Survey of business professionals placed employee background screening as the most important security control in thwarting cyber crime against businesses.

Contacts

Kohnstamm Communications
Aaron Berstler, 651-789-1264
aaron@kohnstamm.com