According to a recent study, despite an increase in spending and investment in deterrence tactics and detection tools, insider attacks continue to cause harm to all types of organizations.
The report, conducted by Haystax, suggests that, although funding is increasing, inadequate resources are being allotted to predictive risk analytics, a critical component of mitigating insider threats. This lack of analytics investment comes at a price, as insider attacks continue to be costly.
“Ask any cybersecurity specialist to name the biggest security threat to an organization and they’ll tell you it’s people,” said Haystax CEO Bryan Ware. Yet despite increased funding on insider threat programs, he added, the problem shows no signs of abating. “Training programs and network controls are important, but without analytics that produce actionable intelligence, organizations are often left in the dark until after a malicious insider does damage.”
- 49 percent of organizations have no idea if they experienced an insider attack in the last 12 months.
- 74 percent of organizations feel vulnerable to insider threats, a seven percent increase over the previous year’s survey.
- Sixty-seven percent of respondents agreed that because insiders have credentialed access to their networks and services, they’re much more difficult to detect and deter than external threats.
- Respondents’ leading concerns regarding insider threats are that the attacker or attackers will monetize sensitive data (55 percent of respondents), followed by fraud (51 percent), sabotage (42 percent), IP theft (39 percent) and espionage (38 percent).
- 56 percent of security professionals said insider attacks have become more frequent over the past year. When asked why, respondents’ leading reasons were insufficient data protection strategies or solutions (57 percent) and the increasing number of devices with access to sensitive data (54 percent).
- Still, just 42 percent of organizations said they’re regularly monitoring user behavior, and 21 percent are doing nothing at all.
- Among respondents that are investing in insider threat mitigation, 61 percent are focusing mostly on deterrence (access controls, encryption, policies, etc.), and 49 percent are focusing on detection (monitoring, intrusion detection systems, etc.).
- Forty-six percent of respondents believe they could detect an attack within a day at most, and 68 percent are confident in their ability to recover from an attack in a week or less.
- Still, 75 percent of respondents said remediation could cost up to $500,000, and the remaining 25 percent believe costs could exceed that amount.
Separately, a recent Forcepoint survey of 4,000 office workers in the U.K., France, Germany and Italy found that 43 percent of respondents said their organization isn’t currently vulnerable to an insider threat, and 30 percent said they were unsure.
Strikingly, 26 percent of respondents said they didn’t know whether or not sharing work login credentials poses a security risk, and 27 percent said they don’t consider the security of their data before uploading it to the cloud.