Insider threats continue to dominate

Ordinary employees, privileged users and the supply chain – such as contractors and third party service providers – are all conduits for a traditional insider threat, according to Vormetric. But the spectrum of insider threats also includes the compromise of these insider accounts by hackers using APT attacks and other methods.

As cloud and big data adoption accelerates, these new technologies also bring new risks to organizations with additional administrative roles and potentials for infrastructure compromise.

“Retailers and financial services organizations are feeling the heat. Over 51% of retail respondents reported being very or extremely vulnerable to these attacks – the highest rates measured in the study. Financial services respondents reported the overall highest level of vulnerability at 97%,” said Alan Kessler, CEO of Vormetric. “Surprisingly, the data also shows that organizations are not connecting the dots about how to solve the problem. These organizations continue to invest at similar rates in both the network and end point security technologies that consistently fail under today’s attacks, as well as the data-at-rest solutions that can help them to solve the problem.”

Key findings for financial services:

  • 97% of U.S. financial services respondents reported they were “somewhat” or more vulnerable to insider threats
  • 41% of U.S. financial services respondents have experienced a data breach or failed a compliance audit in the last 12 months
  • 63% of U.S. financial services respondents cited “privileged users” as the most dangerous insider threat – a full 20 percentage points above the second-highest category, “partners with internal access”.

When asked about the top 3 IT security spending priorities:

  • 57% of U.S. financial service respondents cited preventing a data breach incident – a 2.5X increase since 2013, which saw 21% of respondents citing it as spending priority
  • 43% cited protection of finances and other assets
  • 39% cited fulfilling compliance requirements and passing audits.

Key findings for the retailer sector:

  • 93% of U.S. retail respondents reported they were “somewhat” or more vulnerable to insider threats
  • 48% of U.S. retail respondents have experienced a data breach or failed a compliance audit in the last 12 months
  • Although meeting compliance requirements was not a top spending priority, 77% of retail organizations rated compliance requirements as “very” or “extremely” effective at offsetting insider threats.

With data security now a board-level issue, organizations need to make it a priority to develop a focused IT security strategy that includes:

  • Deploying a layered defense that combines traditional IT security solutions with advanced data protection techniques
  • Prioritizing the protection of data at the source. For most organizations, this involves protecting a mix of on premise databases and servers, newer big data implementations and remote cloud resources
  • Leveraging a range of data-centric security techniques that protect where the data is stored and that can move with the data. Use data encryption, tokenization, data masking and other techniques that can de-identify data, control data access and that increase data access visibility
  • Implementing integrated data monitoring and technologies such as SIEM systems to identify data usage and unusual and malicious access patterns.