Companies Grow More Vulnerable to Insider Threats

Companies Grow More Vulnerable to Insider Threats

Companies Grow More Vulnerable to Insider ThreatsCompanies Grow More Vulnerable to Insider Threats

Insider threats are increasing, privileged IT users and admins are the riskiest users, and monetizing sensitive data is the top reason for insider attacks.

The Rise of Insider AttacksThe Rise of Insider Attacks

56% of the information security professionals surveyed think insider attacks have become more frequent in the past 12 months, but 49% don’t know if their organization experienced such an attack during that time.

Top Insider ThreatsTop Insider Threats

Respondents are most concerned about inadvertent data breaches and leaks (71%), followed by negligent data breaches (68%) and malicious data breaches (61%).

Users Who Represent the Biggest RisksUsers Who Represent the Biggest Risks

Privileged IT users and administrators: 60%,
Contractors, consultants, temp workers: 57%,
Employees: 51%,
Privileged business users: 49%,
Executive managers: 31%

Top Types of Insiders AttacksTop Types of Insiders Attacks

Monetizing sensitive data: 55%,
Fraud: 51%,
Sabotage: 42%,
IP theft: 39%,
Espionage: 38%

The Most Vulnerable AssetsThe Most Vulnerable Assets

Databases: 57%,
File servers: 55%,
Mobile devices: 44%,
Endpoints: 44%,
Business applications: 42%

Customer Data Is Most VulnerableCustomer Data Is Most Vulnerable

Customer data is most vulnerable to insider attacks at 63%. Financial data and intellectual property follow at 55% and 54%, respectively.

Launch Points of Insider AttacksLaunch Points of Insider Attacks

Endpoints (57%) beat out mobile devices (36%), networks (35%) and cloud infrastructure (20%) as the most common assets used to launch insider attacks.

Reasons Insider Attacks Are IncreasingReasons Insider Attacks Are Increasing

Insufficient data protection strategies or solutions: 57%,
Increasing number of devices with access to sensitive data: 54%,
Data increasingly leaving the network perimeter via mobile devices and web access: 48%

Internal Versus External AttacksInternal Versus External Attacks

66% of respondents said it is more difficult to detect and prevent insider attacks than external attacks, and 67% said that’s because insiders already have access to the network and services.

Insider Threat AnalyticsInsider Threat Analytics

Asked whether their organization leverages analytics to determine insider threats, 56% said they do, 30% said they don’t and 14% are unsure.

Ways to Combat Insider ThreatsWays to Combat Insider Threats

Security perimeter defense tools: 76%,
Database and file monitoring tools: 67%,
Security events dashboard: 58%

Barriers to Managing Insider ThreatsBarriers to Managing Insider Threats

Lack of training and expertise: 60%,
Lack of budget: 50%,
Lack of collaboration between departments: 48%

Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Latest Articles