Organisations face increased risk from malicious insiders and need to consider how data is flowing between their systems if they are to thwart cybercriminals, according to digital security specialist Mimecast.

Malicious insider incidents exceeded employee errors for the first time in Mimecast’s ninth annual State of Human Risk Report, as 41% of the 250 Australian companies surveyed reported an increase in incidents involving a bad actor in their organisation.

Mimecast field chief technical officer for Asia-Pacific John Taylor told insuranceNEWS.com.au human errors tend to be reasonably obvious and differ from malicious attacks driven by an outcome, such as an international hacking group wanting access to information it can exploit.

Cybercriminals “think of this as a business. They are using AI to get efficiency gains, faster delivery of processes and how to do more with less,” he said.

The global survey of 2500 IT security staff and decision-makers found most expect an AI attack but are not fully prepared, and many do not co-ordinate security training with continuous monitoring.

Visibility is a key factor in fighting cybercriminals, and organisations should know how data is flowing around their network and who is moving it, Mr Taylor says.

As threats expand across email, collaboration platforms and internal communications, organisations need integrated visibility across all channels.

Behavioural analytics and security behaviour management can identify high-risk users and suspicious activity, and data governance and protection should safeguard sensitive information regardless of where it sits or how it moves.

A co-ordinated approach will ensure security controls are focused on both people and technology, Mimecast says.