Organizations are underestimating the severity of insider threats
Imperva has published data showing that organizations are failing to address the issue of insider threats during a time when the risk is at its greatest.
New research, conducted by Forrester, found that 59% of incidents in EMEA (i.e. Europe, Middle East & Africa) organizations that negatively impacted sensitive data in the last 12 months were caused by insider threats, yet 59% do not prioritize insider threats the way they prioritize external threats.
The majority of respondents blame lack of budget and internal expertise, but other problems abound. 29% of firms do not perceive insiders as a substantial threat, and 33% say their organizational indifference to insider threats is due to internal blockers such as a lack of executive sponsorship. In fact, 70% of organizations do not have an insider risk management strategy or policy, and a majority at 58% do not have a dedicated insider threat team.