Insider threats become more frequent and harder to deal with
A new survey reveals that 72 percent of organizations report insider attacks have become more frequent (a six percent increase over last year), with 60 percent experiencing at least one attack and 25 percent experiencing more than six.
The study by Gurucul and Cybersecurity Insiders gathered responses from over 320 cybersecurity professionals and finds 75 percent say they feel moderately to extremely vulnerable to insider threats -- an increase of eight percent over the previous year.
Organizations are also struggling with insider threats in the cloud and often don't have the necessary technical capabilities in place to detect and prevent them. Almost all (87 percent) consider unified visibility and control across all apps, devices, web destinations, on-premises resources, and infrastructure to be moderately to extremely important. However, less than half (48 percent) monitor for unusual behavior across their cloud footprint and the web. In addition, over half of respondents say that detecting insider threats is harder in the cloud and that the uptime and performance of tools like SASE and CASB is vital to success.
"This report sheds light on some of the most interesting insider threat challenges facing organizations today. While it shows that 86 percent are using some sort of solution to monitor user behavior in some way, it was surprising to see that access logging was the primary method, and that only 25 percent are using automated tools to monitor user behavior 24x7," says Saryu Nayyar, Gurucul's CEO. "The types of monitoring and analytics used to detect insider threats vary widely between organizations. This highlights the need for better tools and processes to analyze data behavior, user behavior, access and movement across a network both internally and externally to detect and prevent insider attacks."
Key factors that make timely detection and prevention of insider attacks difficult include trusted insiders that already have credentialed access to apps, networks, and services (54 percent), the increased use of SaaS apps that can leak data (44 percent), and an increase in personal device use with access to corporate resources (42 percent).
You can get the full report from the Gurucul site.