Insider Threats Are Hard to Stop
- 1 of
-
Persistent Risk
88% of respondents expect the risk of privileged user abuse to increase or stay the same over the next 12 to 24 months. -
Slow Response
69% of respondents said their organization lacks the ability to identify insider threats quickly enough. -
Blind Spot
42% are not confident that their company has sufficient visibility to determine if users are compliant with policies. -
Throwing Darts
49% of respondents describe the process of assigning privileged user access as "ad hoc," only a 2% drop since 2011. -
Deficient Detective Work
57% believe that most organizations, when issuing privileged credentials, are coming up short on background checks. -
Outside Influence
Incidents such as the Wikileaks and Snowden scandals have taken a toll: 58% of respondents said their concerns have grown as a result. -
Barriers to Responding to Insider Threats
Company culture: 31%, Dispersed workforce: 27%, Cost: 16%, Lack of expertise: 15%, Outdated IT infrastructure: 10% -
Most Vulnerable Data Types
Business information: 56% of respondents, Customer information: 49%, Employee information: 35%, Intellectual property: 33% -
Tech Comes Up Short
69% of respondents said their security tools don't provide the context to determine the intent of insider threats. -
False Positives
59% of respondents said the tools the organization uses yield too many false positives. -
Target: User Access Rights
47% of respondents believe malicious insiders will use social engineering or other measures to obtain a user's access rights, up from 21% in 2011. -
Driven by Curiosity
65% of respondents said malicious insiders access sensitive or confidential data out of curiosity, not job necessity.
Just because companies are more aware of insider threats than ever doesn't mean they've figured out how to top the associated risks to their networks and sensitive data. A new report, "Privileged User Abuse & The Insider Threat," produced by the Ponemon Institute on behalf of defense and aerospace systems maker Raytheon, suggests that employees with access to privileged data (such as health care records, intellectual property or customer information) are frequently putting that data at risk despite measures taken to offset that risk. "This survey should serve as a wakeup call to every executive with responsibility for protecting company or customer sensitive data," says Raytheon Vice President Jack Harrington. "While the problem is understood, the solutions are not." In assembling the report, Ponemon Institute surveyed 693 "privileged users," including network engineers, database administrators, information security practitioners and cloud custodians. The findings indicate that not only are many organizations not doing enough to protect against insider threats, but the steps they are taking are proving ineffective. "If privileged users want to do bad things," Harrington adds, "their elevated access to the company network makes it easier for them."