Businesses struggle to fight insider threats

No Comments
insider threat

A new survey of over 1,200 IT and IT security practitioners shows that 53 percent of companies find it impossible or very difficult to prevent an insider attack when data is being aggregated, a key indicator of intent for attacks.

Released in conjunction with the start of National Insider Threat Awareness Month, the report, conducted by the Ponemon Institute with sponsorship from DTEX Systems finds almost half of companies find it impossible or very difficult to prevent an insider attack at the earliest stages.

In addition, just 32 percent of companies say their organizations are very or highly effective in preventing the leakage of sensitive information, while 15 percent state that no one has ultimate authority and responsibility for controlling and mitigating workforce risks.

DTEX's Counter-Insider Threat Research analysts have produced an Insider Threat Kill Chain, which encompasses the five steps present in nearly all insider attacks, these are: reconnaissance, circumvention, aggregation, obfuscation and exfiltration.

"Our findings indicate that in order to fully understand any insider incident, visibility into the nuance and sequence of human behavior is pivotal," says Rajan Koo, chief customer officer at DTEX Systems. "Often times, organizations don't know that an attack has occurred up until (or after) step five of the Kill Chain -- exfiltration -- occurs."

Visibility into the entire kill chain is vital if companies are to successfully deal with threats. In fact, the earlier phases of the chain hold the answers to some of the most important questions -- both for incidents that have yet to fully unfold and for those that have already occurred.

"Organizations need to take a human approach to understanding and detecting insider threats, as human elements are at the heart of these risks," continues Koo. "This includes leveraging human sensors to monitor people-centric threats through sequential behaviors, which is known as human telemetry. By focusing on the most critical common denominator in all cyber security attacks -- the humans driving day-to-day operations -- DTEX is identifying these dynamic 'Indicators of Intent' to gain real-time awareness about a workforce’s activities to mitigate areas of risk without invading personal privacy."

You can find more about the Insider Threat Kill Chain on the DTEX site.

Image Credit: Andrea Danti/Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

TEAMGROUP unveils MP44Q M.2 PCIe 4.0 SSD

Cyberwarfare incidents reported by almost half of UK firms

Ransomware, meet DRaaS: The future of disaster mitigation

Get 'Modern DevOps Practices -- Second Edition' (worth $39.99) for FREE

Number of ransomware victims up 20 percent in first quarter of 2024

Low-code tools boost developer productivity

Cisco warns of serious CLI command injection vulnerability in its Integrated Management Controller

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

60 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

16 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

16 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Install the KB5035942 update for Windows 11 to gain all of the Moment 5 features right now

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.