Why Insider Threats Are Inevitable

 
 
By Karen A. Frenkel  |  Posted 08-19-2015 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Why Insider Threats Are Inevitable
    Next

    Why Insider Threats Are Inevitable

    Insider threats have risen significantly during the last year, with the greatest threat coming from privileged users such as managers, contractors and consultants.
  • Previous
    Who Are the Insiders?
    Next

    Who Are the Insiders?

    Managers pose the greatest insider threat, at 59%, according to respondents, followed by contractors and consultants (48%) and regular employees (46%).
  • Previous
    Few Have Appropriate Controls
    Next

    Few Have Appropriate Controls

    30% of respondents said their organization lacks appropriate controls to prevent insider attacks, 23% are not sure, but 47% said they do have appropriate controls
  • Previous
    Costs of Data Breaches
    Next

    Costs of Data Breaches

    38% of respondents estimate data breach remediation costs reach $500,000 per insider attack. 64% of respondents said they find it difficult to estimate the damage of a successful insider attack.
  • Previous
    Top Insider Threat
    Next

    Top Insider Threat

    63% of respondents said data leaks stemming from insider attacks are of the greatest concern. 57% are concerned about inadvertent data breaches, and 53% worry about malicious breaches.
  • Previous
    IT Assets at Risk
    Next

    IT Assets at Risk

    Databases (57%) and file servers (55%) are considered most vulnerable to insider attacks—they are where the majority of sensitive data resides. Mobile devices follow at 44%, endpoints at 42% and business applications at 41%.
  • Previous
    Risky Users
    Next

    Risky Users

    The top five users who pose insider threats are: Privileged users: 59%, Contractors/consultants and temporary workers: 48%, Regular employees: 46%, IT administrators and staff: 41%, Third-party service providers: 30%
  • Previous
    Most Vulnerable Apps
    Next

    Most Vulnerable Apps

    The top five most vulnerable types of apps are: Collaboration and communication: 45%, Cloud storage and file sharing: 43%, Finance and accounting: 38%, Social media: 33%, Sales and marketing: 29%
  • Previous
    Most Vulnerable Data
    Next

    Most Vulnerable Data

    The data most vulnerable to insider attacks are: Customer data: 57%, Intellectual property: 54% ,Sensitive financial data: 52% ,Company data: 46%, Employee data: 45%
  • Previous
    Insider Attack Launch Points
    Next

    Insider Attack Launch Points

    Endpoints: 56%, Networks: 43%, Mobile devices: 42%
  • Previous
    Internal vs External Attacks
    Next

    Internal vs External Attacks

    62% of respondents said insider attacks are harder to detect and prevent than external attacks. The key reasons: insiders often already have access to systems and sensitive information (66%), increased use of cloud-based apps (58%) and the rise in the amount of data leaving the protected network (42%).
  • Previous
    Insider Threat Analytics
    Next

    Insider Threat Analytics

    Half of organizations surveyed do not use analytics to determine insider threats. Of the 30% that do, one-third use predictive analytics and two-thirds use behavior analytics.
  • Previous
    Speed of Detection
    Next

    Speed of Detection

    The most frequent response time for detecting an insider attack is one week or less (42%). 28% of respondents said they typically discover an insider attack the same day or faster.
 

The majority of surveyed security professionals, 62 percent, said insider threats have grown during the last year, according to a new report. A combination of factors are at play: 53 percent attribute the rise to insufficient data protection strategies and solutions, 50 percent point to the proliferation of sensitive data moved beyond the firewall on mobile devices, and 50% note a lack of employee training and awareness. The survey, conducted by Information Security Group, "Insider Threat Spotlight Report," included 500 cyber-security professionals and examined commonplace security practices, what employees know about their company's data security and suggested next steps IT teams should engage in to stave off security breaches. The research was sponsored by Watchful Software, Bitglass, Dell Software, Fasco, LightCyber, HEAT Software, ObserveIT, Palerra, RES Software, and Sergeant Laboratories. "It's important to take stock of the magnitude of the cyber-breach problem today as we continue to face data breaches of ever-increasing size and regularity," said Charles Foley, chairman and CEO of Watchful Software.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...