Home →Security →Companies Grow More Vulnerable to Insider Threats

Companies Grow More Vulnerable to Insider Threats

By Karen A. Frenkel | Posted 05-19-2017

1 of

Companies Grow More Vulnerable to Insider Threats

Insider threats are increasing, privileged IT users and admins are the riskiest users, and monetizing sensitive data is the top reason for insider attacks.
The Rise of Insider Attacks

56% of the information security professionals surveyed think insider attacks have become more frequent in the past 12 months, but 49% don't know if their organization experienced such an attack during that time.
Top Insider Threats

Respondents are most concerned about inadvertent data breaches and leaks (71%), followed by negligent data breaches (68%) and malicious data breaches (61%).
Users Who Represent the Biggest Risks

Privileged IT users and administrators: 60%, Contractors, consultants, temp workers: 57%, Employees: 51%, Privileged business users: 49%, Executive managers: 31%
Top Types of Insiders Attacks

Monetizing sensitive data: 55%, Fraud: 51%, Sabotage: 42%, IP theft: 39%, Espionage: 38%
The Most Vulnerable Assets

Databases: 57%, File servers: 55%, Mobile devices: 44%, Endpoints: 44%, Business applications: 42%
Customer Data Is Most Vulnerable

Customer data is most vulnerable to insider attacks at 63%. Financial data and intellectual property follow at 55% and 54%, respectively.
Launch Points of Insider Attacks

Endpoints (57%) beat out mobile devices (36%), networks (35%) and cloud infrastructure (20%) as the most common assets used to launch insider attacks.
Reasons Insider Attacks Are Increasing

Insufficient data protection strategies or solutions: 57%, Increasing number of devices with access to sensitive data: 54%, Data increasingly leaving the network perimeter via mobile devices and web access: 48%
Internal Versus External Attacks

66% of respondents said it is more difficult to detect and prevent insider attacks than external attacks, and 67% said that's because insiders already have access to the network and services.
Insider Threat Analytics

Asked whether their organization leverages analytics to determine insider threats, 56% said they do, 30% said they don't and 14% are unsure.
Ways to Combat Insider Threats

Security perimeter defense tools: 76%, Database and file monitoring tools: 67%, Security events dashboard: 58%
Barriers to Managing Insider Threats

Lack of training and expertise: 60%, Lack of budget: 50%, Lack of collaboration between departments: 48%
- Companies Grow More Vulnerable to Insider Threats
  
  View Slideshow »
View All Slideshows >

An increasing majority of managers feel their company is more vulnerable to insider threats compared to last year, according to a new survey. Seventy-four percent of respondents to Haystax Technology's "Insider Attacks Industry Survey" feel exposed to threats from employees, a dramatic seven-point increase since the 2015 survey. Haystax, a security and analytics firm, and Crowd Research Partners conducted the crowd-based survey on 300,000 members of LinkedIn's Information Security Community. Thirty-nine percent of respondents are specialists, managers or supervisors; 13 percent are consultants; 22 percent are CEOs, presidents or directors; 7 percent are C-suite executives; 2 percent are vice presidents; and 16 percent have other positions. "The survey makes clear that most security professionals see insider threats as a persistent challenge," said Bryan Ware, Haystax CEO. "They believe better organization policy and more sources are the key to efficiently managing the problem, and that increased use of analytics is an effective deterrent against insider threats."

Karen A. Frenkel writes about technology and innovation and lives in New York City.