A recent Dtex Systems study?of risk assessments across its customer base found that in fully 95 percent of cases, employees were actively researching, installing or running security or vulnerability testing tools in an effort to bypass corporate security.
For the same reason, the survey found that the use of VPNs, Tor and other anonymity tools to bypass organizational security restrictions doubled from 2015 to 2016.
“Some of the year’s largest reported breaches are a direct result of malicious insiders or insider negligence,” Dtex Systems CEO Christy Wyatt said in a statement. “With limited visibility into user risk, companies face unlimited exposure which can have heavy legal and/or financial impolications.”
“Organizations that actively monitor what’s happening on their endpoints and quickly act to address risks can protect their most important assets: their employees and their data,” Wyatt added.
According to the Dtex report, 60 percent of all attacks are carried out by insiders — and 68 percent of all insider breaches are due to negligence, 22 percent are caused by malicious insiders, and 10 percent are related to credential theft.
Crucial Times for Insider Threats
Notably, the survey found that 56 percent of organizations saw potential data theft from departing or arriving employees during the first and last two weeks of employment.
Twenty-three percent of respondents admitted they would take data from their company if it would benefit them.
The survey also found that 87 percent of employees were using personal, Web-based email on company devices, and 26 percent of employees admitted having installed outside software on work computers.
Fifty-nine percent of organizations found instances of employees accessing pornographic websites at work, 43 percent found employees engaging in online gambling over corporate networks, and 76 percent found staff using pirated software and media.
Sixty-four percent of companies found corporate information publicly accessible onine.
Key Preventative Steps to Take
To reduce the potential impact of insider threats, the report suggests taking the following key steps:
- Improve on- and off-network visibility into user behavior
- Increase visibility over tools prone to credential theft
- Pay attention to employees and contractors who have recently joined or are planning to leave the company
- Pay attention to employees who violate company policy
- Leverage lightweight, scalable solutions that enable broad visibility
- Close the skills gap by providing ongoing training to security teams as well as employees on rapid detection and risky user behavior
- Focus on the point closest to the user – the endpoint – where you will get the most visibility into user risk
- Remain vigilant to anomalous behavior from employees
Separately, a recent Haystax survey of 508 security professionals found that 74 percent of organizations feel vulnerable to insider threats, and 49 percent have no idea if they experienced an insider attack in the past year.
“Ask any cyber security specialist to name the biggest security threat to an organization and they’ll tell you it’s people,” Haystax Technology CEO Bryan Ware said at the time.