When Security Breaches Come From Within

 
 
By Karen A. Frenkel  |  Posted 02-04-2015 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Insider Threats Rule
    Next

    Insider Threats Rule

    93% of U.S. respondents say they feel vulnerable to insider attacks. Only 7% feel safe. 59% believe privileged users pose the most threats to their organizations.
  • Previous
    Security Priorities
    Next

    Security Priorities

    Preventing a data breach is the highest or second-highest priority for IT security spending, according to 54% of respondents.
  • Previous
    Cloud and Databases Most At-Risk
    Next

    Cloud and Databases Most At-Risk

    46% of American respondents believe the cloud environment is the greatest risk for loss of sensitive data in their organization, yet 47% said databases have the greatest amount of sensitive data at risk.
  • Previous
    Playing Catch-Up
    Next

    Playing Catch-Up

    44% of American respondents said their organization experienced a data breach or failed a compliance audit last year. 34% said their organizations are protecting sensitive data because of a breach at a partner or competitor.
  • Previous
    Worldwide Perception of Insider Threats
    Next

    Worldwide Perception of Insider Threats

    55% of global respondents believe privileged users are the greatest threat. Contractors and service providers followed at 46%, business partners at 43%.
  • Previous
    Top Three Locations for Most At-Risk Data
    Next

    Top Three Locations for Most At-Risk Data

    The top three places by volume where data is at risk: Databases (47%), File Servers (39%), Cloud (37%)
  • Previous
    Disagreement Over Where Most At-Risk Data Resides
    Next

    Disagreement Over Where Most At-Risk Data Resides

    "Corporate servers and databases pose the highest risk, yet spending remains stubbornly focused on endpoint and mobile," according to the report. "Only 20% of sensitive company data is held on mobile devices."
  • Previous
    Positions of Insiders Posing Largest Threat
    Next

    Positions of Insiders Posing Largest Threat

    In the wake of the Snowden case, respondents named insider positions posing the greatest threat: Privileged Users: 55%, Contractors and Service Providers: 46%, Business Partners: 43%, Ordinary Employees: 35%, Executive Management: 28%, Other IT Staff: 25%
  • Previous
    Confusion Over What to Protect
    Next

    Confusion Over What to Protect

    Although security spending increased 10% in 2014 and double-digit growth is expected this year, the report said spending is unfocused.
  • Previous
    Dangerous Insiders Have Privileged Access
    Next

    Dangerous Insiders Have Privileged Access

    Only one-half of all businesses have deployed privileged access-identity management technology (PAM or PIM) although there is progress because privileged user access is at the top of senior management's agenda.
  • Previous
    Recommendations
    Next

    Recommendations

    Address BYOD and mobile data protection concerns through improved data monitoring and increasing data protection through encryption.
  • Previous
    Implement Risk-Based Strategies
    Next

    Implement Risk-Based Strategies

    Rather than spreading funds across a wide range of security protection solutions, the report recommends risk-based strategies for the protection of sensitive data, monitoring and reporting on usage, and controlling user access, including encryption-based data protection and protecting data in transit between corporate systems.
 

Although a majority of businesses worldwide admit their vulnerability to insider data breaches and expect to maintain or increase their IT security and data protection budgets, the logic underlying their solutions is unfocused, according to a new survey. They are spending hard-won budget dollars to protect relatively small amounts of sensitive data accessible through BYOD initiatives when the greatest concern should be monitoring privileged inside users, contractors and partners the report states. "The Edward Snowden affair was not our data security pinnacle," said Andrew Kellett, an Ovum analyst and an author of the report. "According to the report, almost one-half of the U.S. organizations polled experienced a data breach or failed a compliance audit in the past year." The study, "Vormetric's 2015 Insider Threat Report," surveyed 818 senior IT professionals in companies with at least $200 million in revenues in the United States, the United Kingdom, Germany, Japan, and ASEAN countries. Their firms represent health care, financial, retail and other industries. Harris Poll, in conjunction with Ovum, conducted the survey online.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...