Stagnant budgets and rising insider security threats
A Vectra Networks survey of more than 500 cybersecurity professionals in the Information Security Community on LinkedIn reveals that insider threats are rising, but IT security budgets are not. Of those surveyed, 68 percent feel vulnerable to insider threats and fewer than half feel they have sufficient control over them.
Key findings of the research include:
- 62 percent say insider threats have become more frequent in the past 12 months. Only 34 percent expect additional budget to address the problem.
- Less than 50 percent feel they have appropriate controls in place to prevent insider attacks.
- 62 percent say that insider attacks are far more difficult to detect and prevent than external attacks.
- Privileged users, such as managers with access to sensitive information, pose the biggest insider threat (59 percent). This is followed by contractors and consultants (48 percent) and employees (46 percent).
- 38 percent estimate that remediation can cost up to $500,000 per insider attack, while 64 percent find it difficult to estimate the damage of a successful insider attack.
“Asking security professionals to do more with less puts organizations at risk,” says Holger Schulze, founder of the Information Security Community on LinkedIn. “Insider threats cause long-lasting economic and reputation damage to an organization.”
“Insiders often already have access to systems and sensitive information, making it vital for organizations to deploy security solutions that monitor internal traffic in addition to Internet-bound traffic where signs of insider attacks and external cyber attacks can be detected in real time,” he added.
The survey shows that most organizations focus their insider threat management efforts on deterrence, including user training (45 percent) and background checks (41 percent), while only 39 percent monitor user activities, largely through access logging. With fewer than half of respondents indicating they have appropriate controls, these passive precautions alone are insufficient when privileged users have malicious intent.