90 percent of organizations vulnerable to insider threats
Most enterprises and government organizations fell vulnerable to insider threats and around half have experienced an insider attack in the last year, according to a new report.
Commissioned by Cybersecurity Insiders, the study is based on a comprehensive online survey of 472 cyber security professionals.
Among the main factors are too many users with excessive access privileges (37 percent), an increasing number of devices with access to sensitive data (36 percent), and the increasing complexity of information technology (35 percent).
52 percent of respondents confirmed insider attacks against their organization in the previous 12 months (typically fewer than five attacks), while 27 percent of organizations say insider attacks have become more frequent.
Organizations are shifting their focus to detection of insider threats (64 percent), followed by deterrence methods (58 percent) and analysis and post breach forensics (49 percent). The use of user behavior monitoring is accelerating too, with 88 percent of organizations deploying some method of monitoring users, and 93 percent monitoring access to sensitive data.
The most popular technologies to deter insider threats are data loss prevention, encryption, and identity and access management solutions. To better detect active insider threats, companies are deploying intrusion detection and prevention, log management and SIEM platforms. 86 percent of organizations already have, or are building, an insider threat program, 36 percent have a formal program in place to respond to insider attacks, and 50 percent are focused on developing their program.
"Insider threats are often more damaging than attacks from malicious outsiders or malware," says Holger Schulze, CEO and founder of Cybersecurity Insiders. "That's because they are launched by trusted insiders -- both malicious insiders and negligent insiders with privileged access to sensitive data and applications."
If you want to find out more the full report is available from the Cybersecurity Insiders website.