The insider threat has become one of today’s most pressing cyber security concerns. In 2016, the Insider Threat Report Spotlight found seventy-four percent of organizations feel vulnerable to insider threats—a dramatic year-over-year increase. However, less than half of all organizations (42 percent) have the appropriate controls in place to prevent an insider attack. The survey also provides greater insight on the source of the threats: “Privileged users, such as managers with access to sensitive information, pose the biggest insider threat to organizations (60 percent). This is followed by contractors and consultants (57 percent), and regular employees (51 percent).”
Most companies miss the mark when defending against the “insider” threat, which in many cases is not a rogue employee seeking personal gain, but a case of compromised credentials. In fact, 22 percent of all data breaches are caused by compromised credentials and 65 percent of companies expect to suffer a breach due to compromised credentials in the future, according to a survey conducted by the Cloud Security Alliance and sponsored by Centrify. What’s more, most companies are often oblivious to the breach, with data being exfiltrated just hours after the break-in…
The Insider Threat Report Spotlight also describes the challenges to detect and remediate the threats, indicating that only 27 percent of organizations feel they can detect a threat within hours and only 24 percent can remediate the problem within hours after detection. Yet, according to Verizon’s 2016 Data Breach Investigation Report, 81.9 percent of organizations surveyed reported that a compromise took only minutes to infiltrate company systems, with a majority of respondents showing that associated data was exfiltrated within hours of the initial compromise. This means that there is little chance today’s enterprises can actually stop data loss from occurring using current techniques in regards to such threats..Read More
