The UK and Germany have seen a drop in insider threat levels that could in part be attributable to GDPR, claims data security company Clearswift.
Since 2017, cyber security incidents originating within an organisation, as a percentage of all incidents, has fallen from 73% to 65% in the UK and from 80% to 75% in Germany.
In the United States, a country outside the direct jurisdiction of GDPR, insider threats have risen from 72% to 80% of all incidents over the same period.
Dr Guy Bunker, SVP Products at Clearswift, said: “I think at the very least what GDPR has done is ensure firms have a better view of where critical data sits within their business and highlighted to employees that data security is an issue that is now of critical importance, which may be why we’ve seen a drop in the insider threat across EU countries. If a firm understands where the critical information within the business is held and how it is ﬂowing in and out of the network, then it is best placed to manage and protect it from the multitude of threat vectors we’re seeing today.”