IT Managers Are Overconfident About Insider Breaches


According to the results of a recent survey of 100 senior IT security managers in the UK, 63 percent of respondents think it's "easy" to govern staff access rights and privileges, even though 42 percent admit they don't have, or are unsure of, the ability to monitor and prevent breaches caused by accidental or deliberate staff actions.

The survey, commissioned by Courion and conducted by OnePoll, also found that one in four respondents named failure to follow access policies as the greatest threat to their organization's data security -- more than professional hackers.

Courion's findings match those of a recent PwC survey [PDF] of 500 U.S. executives, which found that while 32 percent of respondents say insider breaches are more costly or damaging than attacks by outsiders, only 49 percent have a plan for responding to insider threats.

Still, 43 percent of respondents to Courion's survey wish they had a better relationship with human resources in managing staff access rights, and 59 percent don't feel confident or are unsure they get enough help in dealing with insider threats.

In the case of a data breach, 42 percent fear they would lose their job and 34 worry about a demotion.

"Like elsewhere, UK CISOs and IT managers are under immense pressure to prevent data breaches," Courion CEO Chris Zannetos said in a statement. "What's striking is many are finding it difficult to get the support needed to appropriately address insider threats."

"IT infrastructures have become increasingly complex as the access needs of users constantly change," Zannetos added. "This makes it challenging for CISOs and IT managers to understand, and as a result effectively communicate, exactly where business risk lies."

Insider breaches are becoming increasingly common across a wide variety of industries. Just in the past few months, a former Home Depot employee stole hundreds of customers' credit card information; a former Blue Cross and Blue Shield of Kansas City employee stole 2,546 members' financial information; a former Ladies First Choice employee stole 2,365 customers' personal information; two former Rouge Valley Hospital employees stole as many as 8,300 patients' personal information; and an insider breach exposed 100,000 Morrisons employees' payroll data.

And insider breaches at third-party vendors can also cause a security headache -- AT&T Mobility recently suffered a significant data breach when three employees of an unnamed vendor inappropriately accessed an undisclosed number of AT&T customers' Social Security numbers and birthdates.

Camouflage president and CEO Kevin Duggan said by email that it's crucial for businesses to be more proactive in protecting data from insider breaches. "Documenting access policies and managing access rights is an important first line of defense in protecting personal sensitive data from accidental or malicious exposure to insiders," he said.

This article eSecurity Planet published last summer offers some good advice on fighting insider threats.