Nine Things You Need to Know About Insider Threats

 
 
By Karen A. Frenkel  |  Posted 10-20-2014 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Types of Incidents
    Next

    Types of Incidents

    35% of organizations have experienced at least one insider threat, with the following breakdown (the total does not equal 100% as some respondents had more than one type of incident): Data leak: 49%, Fraud : 41%, Data breach: 36%, IP theft: 16%
  • Previous
    Who Discovers Insider Threats
    Next

    Who Discovers Insider Threats

    Insider threats were uncovered by: IT department: 41%, Coworker: 34%, Security team: 18%, Partner: 6%, Customer: 1%
  • Previous
    Average Financial Impact
    Next

    Average Financial Impact

    Losses from insider threats most-often cost less than $50,000: 70% of respondents report financial losses of under $50,000, 17% suffered losses of $50,000 to $100,000, 6% lost $100,000 to $500,000, 4% lost $500,000 to $1 million, 3% lost over $1 million
  • Previous
    Reasons for Lack of Preparedness
    Next

    Reasons for Lack of Preparedness

    61% of organizations say they are not prepared for insider threats (the total exceeds 100% as multiple factors could be cited): Lack of training: 55%, Inadequate budget: 51%, Low priority: 34%, Understaffed: 34%, Lack of technology: 31%
  • Previous
    Prevention Is a Challenge
    Next

    Prevention Is a Challenge

    Even though 49% of respondents say they are trying to detect insider threats, 59% of these respondents admit that they cannot detect them.
  • Previous
    Detection Is Harder Than Deterrence or Detailing
    Next

    Detection Is Harder Than Deterrence or Detailing

    42% say detection is harder than deterrence or detailing an attack. Why? Because it's more straightforward. It's more about technology than psychology.
  • Previous
    What You Can Do About Deterrence
    Next

    What You Can Do About Deterrence

    SpectorSoft recommends drafting and implementing an acceptable use policy that spells out what is and is not acceptable for employees. It also puts them on notice that the organization has the right to monitor activity on company-provided devices and on the company network.
  • Previous
    What You Can Do About Detection
    Next

    What You Can Do About Detection

    Talk to security experts and make a list of types of monitoring that best fit your organization. Implement solutions that you can customize and extend to meet changing needs.
  • Previous
    What You Can Do About Details
    Next

    What You Can Do About Details

    There are products specially designed to investigate the details of an attack. Choose one that can help you limit the damage and remove the source of the threat.
 

The majority of enterprises can neither detect nor deter insider threats, according to a new survey. As a result, they are vulnerable to fraud, data breaches, and intellectual property theft. Sixty-one percent of respondents say they do not have the ability to deter an insider threat, 58 percent admit that they cannot detect an insider threat, and 75 percent say they cannot detail the human behavioral activities of such threats. Furthermore, six in 10 respondents say they are not adequately prepared to respond to insider threats. While the percentage of insider threats has stayed consistent in the last decade, the total number of these attacks has increased, and has resulted in an annual worldwide loss of $2.9 trillion due to employee fraud. The study surveyed 355 IT professionals and was sponsored by SpectorSoft, a user activity monitoring and analysis software firm. "The statistics paint a bleak picture when it comes to securing company data against insider threats," says SpectorSoft chief marketing officer Rob Williams. "With so many data breaches happening, C-level executives are coming to the realization that their jobs could be on the line if company data isn't protected." To view the report, click here.  

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register