A new Bitglass report on insider threats in the enterprise found that, in a third of organizations surveyed, careless or malicious user behavior resulted in data leakage, up slightly from a year ago. 56 percent of respondents believe insider leaks have become more frequent in the last year.

insider attack

“Adoption of cloud and BYOD are positive developments, but organizations that have limited cross-app visibility will struggle to detect anomalous behavior and need to rethink their approach to data security,” said Nat Kausik, CEO, Bitglass. “The reality is that cloud apps have made data more readily accessible and insider threats more likely – it’s up to the enterprise to put adequate data controls and policies in place to secure vital data.”

Bitglass found that 64 percent of enterprises can detect a breach within a week, up significantly from 42 percent a year ago. Only 23 percent take a month or longer to identify insider breaches, which indicates growing use of cloud-based audit and security tools. Respondents identified analytics as critical in detecting anomalous behavior.

Employee training (57 percent) and identity management solutions (52 percent) topped the list of best means for preventing insider attacks. Data leakage prevention was also included among the most effective tools in 49 percent of organizations.

insider attack

Key findings

  • One in three organizations surveyed have experienced an insider attack in the last year, while 74 percent feel vulnerable to insider threats.
  • Seventy-one percent of cybersecurity professionals are most concerned with inadvertent leaks that are the result of risky unsanctioned app usage, unintended external sharing and unsecured mobile devices. Negligence (68 percent) and malicious insiders (61 percent) were also of concern to respondents.
  • Privileged users, more than any other user group, were seen as posing the greatest security risk by 60 percent of organizations.
  • Cloud and mobile are forcing IT to rethink detection and prevention. Cybersecurity professionals agree that lack of employee training (62 percent), insufficient data protection solutions (57 percent), more devices with access to sensitive data (54 percent) and more data leaving the network perimeter (48 percent) are at the core of many insider leaks.
  • A third of organizations do not have any analytics solutions in place to detect insider threats. Fifty-six percent use some kind of analytics solution to address anomalous behavior, but only 15 percent have user behavior analytics in place.
  • Collaboration tools (44 percent) and cloud storage apps (39 percent) were perceived to be most vulnerable to insider threats, as careless users are easily able to share data externally or lose a mobile device that contains sensitive information.

Help Net Security

In this episode, we talk with Mike Tierney, who is the brand-new CEO at Veriato. In our conversation we talk through a primer on insider threat, and use the great example of hosting a dinner party.

Mike has loads of nuggets of wisdom from his experience and we're certain that if you're a seasoned insider threat professional, or just thinking about the topic and wondering if you can do anything to protect your company - this show will be a good primer for furthering your discussion and learning.

Listen in, comment and share with your colleagues! Our show is always safe for the office and educational.

Talk back! Use our Twitter hashtag #DtSR to discuss this episode, ask questions, or suggest other topics or guests for the future!

Direct download: DtSR_Episode_212_-_Insider_Threat_Primer.mp3
Category:Enterprise Security -- posted at: 12:00am CDT

Information Security Podcasts

Understanding the intersection between health care and data security is becoming more critical in our increasingly connected world. In order to keep sensitive medical records secure, hospitals and other health care organizations need to recognize what makes this data so valuable and appreciate that they face unique data security challenges.

Also unique is the path that brought Dr. Michael Ash to his current role as Associate Partner for Security, Strategy, Risk and Compliance at IBM. Having previously practiced as an oral surgeon with the U.S. Air Force, Michael has an uncommon familiarity with the worlds of both health care and security. In this podcast, Michael uses his distinct viewpoint to illustrate the value of protected health information (PHI), the dangers of ransomware and the need for better security practices in the health care industry.

Listen now — or download and listen on the go — to hear Michael’s data security insights and his actionable advice on what organizations can do to address their PHI protection challenges.

Read the IBM X-Force Research Report: Security Trends in the Health Care Industry

Never miss a new edition of the Security Intelligence podcast! Subscribe today via iTunes or your favorite platform.

Security Intelligence