Only 12% of enterprises are consistently able to detect insider threats

73 percent of IT professionals believe that insider attacks have become more frequent in the past year. Additionally, 59 percent said that their organizations experienced at least one insider attack over the last 12 months.

detect insider threats

As corporate data moves to more devices and cloud applications, failing to implement the appropriate security controls will only serve to further enable these threats.

In partnership with a leading cybersecurity community, Bitglass surveyed IT professionals about insider threats, as well as what their organizations are doing to defend against them, and released the 2019 Insider Threat Report.

“Insider attacks are harder to identify and remediate than those that originate from outside the enterprise,” said Rich Campagna, CMO of Bitglass.

“This is caused by a number of factors highlighted throughout the report, including insufficient authentication, inadequate user behavior monitoring in the cloud, and a failure to properly secure personal devices. If organizations want to prevent insider attacks, they have to address these security gaps.”

detect insider threats

Key findings

  • 41 percent of respondents said that their organizations do not monitor for abnormal user behavior across their cloud footprints
  • Only 12 percent of enterprises are consistently able to detect insider threats stemming from personal mobile devices, including those that are off premises or lack agents
  • 56 percent of respondents believe it is more challenging to detect insider threats after migrating to the cloud
  • 68 percent of organizations feel moderately to extremely vulnerable to insider threats
  • Only 50 percent of organizations provide user trainings about insider threats, and a mere 31 percent implement secondary authentication to defend against them
  • 56 percent of respondents claimed that their organizations can detect insider threats within the day that they occur; 50 percent said that they can recover from an insider attack within the same time period

Don't miss