More than half of organizations (58 percent) still lack the appropriate controls to prevent insider attacks, with just under half (44 percent) unaware if their organization has experienced an insider attack at all, according to a new survey of more than 500 cybersecurity professionals.
The Insider Threat Spotlight Report also found that nearly half of those surveyed have seen an increase in insider attacks over the last 12 months.
Inadvertent data breaches (71 percent) top the list of insider threats companies care most about. Negligent data (68 percent) and malicious data (61 percent) breaches come in a close second and third.
The biggest threat comes from privileged users, such as managers, with access to sensitive information, with 67 percent believing that the fact insiders have credentialed access makes insider attacks more difficult to prevent.
“If you are not looking for insider attacks, you are simply not seeing them,” said Mike Tierney, CEO, Veriato. “Your organization is, and will be, compromised by insiders, and to prevent attacks, you need to have some controls in place that are specifically focused on the insider. Trust is a strategy for failure.”
According to the survey, the endpoint is the most common launching point for an insider attack—by a wide margin (58 percent more than the next most common launching point: mobile devices).
Tracking file movement across the network is a critical component of a data security strategy, according to 75 percent of respondents, with 57 percent naming databases as the most vulnerable asset to an inside attack.
Survey respondents also named three barriers to better insider threat management:
- Lack of training and expertise (60 percent)
- Insufficient budgets (50 percent)
- Lack of collaboration between departments (48 percent). Notably, lack of collaboration is the barrier with the highest gain since the previous survey, moving up 10 percentage points.
“Not only do companies need to do a better job of educating employees about what data they are able to share or take with them when they leave, but the departments within the companies need to do a better job working together to share any red flags they are seeing, for example from disgruntled employees,” Tierney added. “This collaboration, coupled with user behavior monitoring and analytics solutions, can play a huge role in detecting and preventing insider attacks that could potentially cost hundreds of thousands.”