Nearly all firms found vulnerable to insider data security threats
A large majority of organizations - some 90 percent - are vulnerable to insider security threats, and about half experienced an insider attack in the last 12 months, according to a new report from Crowd Research Partners.
The study, commissioned by Cybersecurity Insiders, an online community of information security professionals, is based on an survey of 472 cyber security professionals. It shows that the main enabling risk factors include too many users with excessive access privileges (cited by 37 percent), an increasing number of devices with access to sensitive data (36 percent), and the increasing complexity of IT (35 percent).
"Insider threats are often more damaging than attacks from malicious outsiders or malware,” said Holger Schulze, CEO and founder of Cybersecurity Insiders. “That’s because they are launched by trusted insiders - both malicious insiders and negligent insiders with privileged access to sensitive data and applications.”
Of those organizations surveyed, 53 percent confirmed insider attacks against their organization in the previous 12 months. Twenty-seven percent said insider attacks have become more frequent.
Organizations are shifting their focus to detection of insider threats (64 percent), followed by deterrence methods (58 percent), and analysis and post breach forensics (49 percent). The use of user behavior monitoring is accelerating; 88 percent of organizations deploy some method of monitoring users.
The most popular technologies to deter insider threats are data loss prevention, encryption, and identity and access management. To better detect active insider threats, companies deploy intrusion detection and prevention, log management and security incident and event management platforms.