An “Insider Threat” survey of more than 700 IT decision-makers, indicated that 54 percent believe it is more difficult to detect and prevent insider attacks today than it was in 2011. Also, 46 percent say they are vulnerable to an insider threat attack – in spite of their existing security skills, resources, processes, and technologies.
Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group, said: “This survey focused on IT concerns around Insider Threats and the IT, security and business professionals surveyed had direct knowledge and responsibilities in this area. While APTs and advanced malware attacks continue in the headlines, the ESG research indicates that organisations remain vulnerable to numerous insider threat vectors. This situation must be addressed as it creates an unacceptable level of IT and business risk.”
The survey was for Vormetric, an enterprise data security
· Abuse of Privileged User rights by employees was a primary concern – with 63 percent responding that they were vulnerable to abuse of privileged user rights by employees
· Cloud security concerns (35 percent), network expansion (36 percent) and APTs that compromise insider credentials (27 percent) head the list of recent changes in IT environments that fuel the perceived expansion in risk from insiders.
Many are taking action – over half (53 percent) are increasing security budgets due to Insider Threats and plan to invest that budget in security controls to counteract those threats. This readiness to take action may be related to the acts of Edward Snowden as the research indicates that 45 percent of organisations have changed their views on insider threats since his disclosures were first reported in the media. This may also explain why third party contractors face increasing scrutiny. Nearly half of all survey respondents (48 percent) believe those third parties pose an insider threat and 58pc admit to feeling vulnerable to those contractors abusing access rights.
Alan Kessler, CEO for Vormetric, said: “The results from this survey highlight the greatly increased concerns organisations have around their valuable data due to recent events, shifts in IT technologies, and the rapid escalation of security threats. Decision-makers are in need of solutions that protect information by securing the data itself, rather than solely the path to that data.”
The survey results and research report are available from Vormetric and Enterprise Strategy Group. You can find the results at http://bit.ly/16eXi07
