This post was originally publishedĀ hereĀ by Jacob SerpaĀ .
When words like cyberattack are used, they typically conjure up images of malicious, external threats. While hackers, malware, andĀ other outside entities pose a risk to enterprise security, they are not the only threats thatĀ need to be remediated.Ā
Insider threats, whichĀ involve either malicious or careless insiders, are another significant threat to corporate dataĀ that must be addressed. Fortunately, Bitglass hasĀ the latest information on this topic. Read on to learn more.
Ā
In Threatbusters, Bitglass’ 2019 Insider Threat Report, Bitglass set out to learn about the state of insider attacks, as well as to uncover what organizations are doing to defend against them. This was accomplished by partnering with a cybersecurity community and surveying the IT professionals therein. A breadth of survey questions yielded a wealth of information, ranging from theĀ tools that organizations are using to defend against threats, to how long it takes them to recover from these types of attacks. Two examples can be found below.
The frequency of attack
A staggering 73% of survey respondents claimed that insider threatsĀ are becoming a more common occurrence. In 2017, when BitglassĀ released itsĀ previous Insider Threat Report, this number was only 56%. Additionally, 59% of respondents revealed that their organization had experienced at least one insider attack within theĀ last twelve months.Ā For organizations to stay secure in today’s high-speed, cloud-first world where data is shared, accessed, and downloaded more rapidly and widely than ever before, appropriate security controls simplyĀ have to be put in place.Ā
The damage doneĀ
87% of respondents said that it was either moderately difficult or very difficult to determine the damage done in the wake of an insider attack. This should notĀ come as a surprise. Because insider attacks involve the use of legitimate credentials, distinguishing legitimate user activity from threatening user activity can be challenging (especially because said behavior can go unnoticed for extended periods of time if the proper tools are not in place). Naturally,Ā this means that it can be difficult to ascertain the extent of the damage that these authorized users have done.Ā
The above items are only a sample of what Bitglass was able to uncover in its most recent research. To learn more about insider attacks and how organizations are addressing them, download the full report below.
Photo:BetaNews
