Four out of ten businesses expect an insider data breach in the next 12 months, according to a new survey.

As enterprises become larger, managing employee behaviour becomes harder and the risk of a breach occurring within an organisation intensifies.

The study, by Clearswift, identified a widespread lack of employee awareness of good cyber security practice, and a slow business response to addressing insider threats.

In the survey of 4,000 employees, 75% said their company provides inadequate levels of information about data policies and what is expected of them, and 58% lacked understanding of what might actually constitute a security threat from within their organisation.

With such a lack of clarity, it may not come as a surprise that half of respondents admitted they disregard data protection policies at work in order to get their job done.

>See also: Why businesses need to go back to school on cyber security

These attitudes highlight an imperative for organisations to make training employees in security protocols and policies a business priority.

Such attitudes are not surprising considering 72% of security professionals believe internal security threats are still not treated with the same level of importance as external threats by the board.

‘The detachment between the front-line security professionals and board members within an organisation is particularly worrying in the wake of recent high-profile cyber breaches in the UK already this year,’ said Heath Davies, chief executive at Clearswift.

‘Cyber attacks are a major problem and it’s time for boards to take a proactive stance on this. Companies need a clear, coherent, adaptive strategy which encompasses people, processes and technology, and this mandate needs to come from the top.’