Majority of companies not prepared for insider threats
An overwhelming majority of global organizations admit they are ill-prepared to handle the steady increase in insider threat activity, according to new research conducted by Cybersecurity Insiders and announced today by Securonix.
While 76 percent of organizations have detected increased insider threat activity over the past five years, less than 30 percent believe they are equipped with the right tools to handle them.
Also concerning is that only 21 percent of respondents say they have a fully implemented and operational insider threat program, which highlights the inability of most organizations to effectively identify and mitigate internal security risks.
"Insider threat management programs are most successful when they receive strong support from executive leadership. This level of leadership is essential for prioritizing resources and navigating the complex technical and privacy challenges across various regions," says Findlay Whitelaw, field CTO, of Securonix. "Despite its importance, many cybersecurity professionals feel their organizations fall short in this area. As insider attacks continue to rise, business leaders must empower their teams to develop a security-conscious culture that encourages employees to take a proactive stance against insider threats."
The report shows that 90 percent of respondents say insider threats are more or as difficult to detect and prevent than external attacks. While negligent employees and unwitting accomplices to external threats are the greatest sources of insider risk, the research indicates a shift in the perception of insider threats over the last five years. The survey data shows that 74 percent of cybersecurity professionals are most concerned with malicious insiders within their organization in 2024, which is an increase of nearly 25 percent when compared to 2019.
Cybersecurity professionals see the main drivers and enablers of insider attacks as insufficient employee training and awareness (37 percent), globalization and adoption of new technologies (34 percent), inadequate security measures (29 percent), complex IT environments (27 percent), and disgruntled insiders (25 percent).
You can read more and get the full report on the Securonix blog.
Image Credit: Andrea Danti/Shutterstock