1 in 3 organizations have experienced an insider attack in the last year
A new Bitglass report on insider threats in the enterprise found that, in a third of organizations surveyed, careless or malicious user behavior resulted in data leakage, up slightly from a year ago. 56 percent of respondents believe insider leaks have become more frequent in the last year.
“Adoption of cloud and BYOD are positive developments, but organizations that have limited cross-app visibility will struggle to detect anomalous behavior and need to rethink their approach to data security,” said Nat Kausik, CEO, Bitglass. “The reality is that cloud apps have made data more readily accessible and insider threats more likely – it’s up to the enterprise to put adequate data controls and policies in place to secure vital data.”
Bitglass found that 64 percent of enterprises can detect a breach within a week, up significantly from 42 percent a year ago. Only 23 percent take a month or longer to identify insider breaches, which indicates growing use of cloud-based audit and security tools. Respondents identified analytics as critical in detecting anomalous behavior.
Employee training (57 percent) and identity management solutions (52 percent) topped the list of best means for preventing insider attacks. Data leakage prevention was also included among the most effective tools in 49 percent of organizations.
Key findings
- One in three organizations surveyed have experienced an insider attack in the last year, while 74 percent feel vulnerable to insider threats.
- Seventy-one percent of cybersecurity professionals are most concerned with inadvertent leaks that are the result of risky unsanctioned app usage, unintended external sharing and unsecured mobile devices. Negligence (68 percent) and malicious insiders (61 percent) were also of concern to respondents.
- Privileged users, more than any other user group, were seen as posing the greatest security risk by 60 percent of organizations.
- Cloud and mobile are forcing IT to rethink detection and prevention. Cybersecurity professionals agree that lack of employee training (62 percent), insufficient data protection solutions (57 percent), more devices with access to sensitive data (54 percent) and more data leaving the network perimeter (48 percent) are at the core of many insider leaks.
- A third of organizations do not have any analytics solutions in place to detect insider threats. Fifty-six percent use some kind of analytics solution to address anomalous behavior, but only 15 percent have user behavior analytics in place.
- Collaboration tools (44 percent) and cloud storage apps (39 percent) were perceived to be most vulnerable to insider threats, as careless users are easily able to share data externally or lose a mobile device that contains sensitive information.