49 Percent of Organizations Don’t Know if They’ve Experienced Insider Attacks

A recent Haystax survey [PDF] of 508 members of the Information Security Community on LinkedIn found that fully 49 percent of organizations have no idea if they experienced an insider attack in the last 12 months.

The survey, conducted in partnership with Crowd Research Partners, also found that 74 percent of organizations feel vulnerable to insider threats, a seven percent increase over the previous year’s survey.

Sixty-seven percent of respondents agreed that because insiders have credentialed access to their networks and services, they’re much more difficult to detect and deter than external threats.

“Ask any cyber security specialist to name the biggest security threat to an organization and they’ll tell you it’s people,” Haystax Technology CEO Bryan Ware said in a statement.

Respondents’ leading concerns regarding insider threats are that the attacker or attackers will monetize sensitive data (55 percent of respondents), followed by fraud (51 percent), sabotage (42 percent), IP theft (39 percent) and espionage (38 percent).

The Growth of Insider Attacks

What’s more, 56 percent of security professionals said insider attacks have become more frequent over the past year. When asked why, respondents’ leading reasons were insufficient data protection strategies or solutions (57 percent) and the increasing number of devices with access to sensitive data (54 percent).

Still, just 42 percent of organizations said they’re regularly monitoring user behavior, and 21 percent are doing nothing at all.

Among respondents that are investing in insider threat mitigation, 61 percent are focusing mostly on deterrence (access controls, encryption, policies, etc.), and 49 percent are focusing on detection (monitoring, intrusion detection systems, etc.).

Forty-six percent of respondents believe they could detect an attack within a day at most, and 68 percent are confident in their ability to recover from an attack in a week or less.

Still, 75 percent of respondents said remediation could cost up to $500,000, and the remaining 25 percent believe costs could exceed that amount.

Lack of Security Awareness

Separately, a recent Forcepoint survey of 4,000 office workers in the U.K., France, Germany and Italy found that 43 percent of respondents said their organization isn’t current vulnerable to an insider threat, and 30 percent said they were unsure.

Strikingly, 26 percent of respondents said they didn’t know whether or not sharing work login credentials poses a security risk, and 27 percent said they don’t consider the security of their data before uploading it to the cloud.

Fully 11 percent of respondents admitted having mistakenly sent data to third parties, and 29 percent said they had done so intentionally.

Fifteen percent of respondents said they’ve taken business critical information with them from one job to another.

Thirty-nine percent of respondents said they had never received data protection training, and 27 percent felt their organizations were either lacking security policies to prevent data loss or were failing to enforce such policies.

Sharing Information for a Price

Fourteen percent of respondents said they would consider selling their login information to a third party, and 40 percent of those would do so for less than ?200.

“The fact that a significant percentage of workers are willing to sell their credentials leads to the conclusion that they have no confidence in their companies’ abilities to spot malicious behaviors,” Dtex Systems CEO Christy Wyatt told eSecurity Planet by email.

“When you consider that the vast majority of all data breaches are caused by some form of insider, it is amazing that enterprises haven’t solved the problem of gaining insight into what is happening on their endpoints, in the clouds and on corporate networks,” Wyatt added.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles