Survey says that Cloud adoption increases the risk of Insider Threats

98

MeriTalk, a media based firm which focuses on Government IT has recently disclosed in its survey that cloud adoption is increasing the risk of Insider Threats. The survey says that increased migration to cloud and use of web-based applications are putting the companies at risk from Insider threats.

According to the 59 percent of government employees that responded to the MeriTalk Inside Job Survey, commissioned by Symantec, 86% of the respondents said that their agency has a formal insider threat program in place which identified 75% of the threats are hard to identify and mitigate today than one year ago.

“All thanks to cloud adoption, as boundaries are dissolving, the threat landscape is becoming more Byzantine”, said Rob Potter, Vice President of Public Sector at Symantec.

He added that the adoption of cloud computing techniques, endpoint multiplication, and the penchant to recruit remote workforce is making insider threats tough to identify, manage and prevent.
Mr. Potter said that the report’s stats are alarming as it proves that though cloud systems are offering cost effective measures, they are also making it harder to establish controls over.

And as per the perspective of Mr. Potter, acquisition of technologies that address them and the need to properly implement them is doing a lot of damage.

Potter added that lack of awareness among peers about the presence of NIST Cybersecurity Framework and Technologies that allow monitoring of operations on various systems is increasing the scale of Insider threats.

In such cases, Formal Threat Detection and response protocols, and reporting and maintaining a list of potential or actual incidents will also play a vital role in preventing data loss.

Very recently (May 11, 2017), US President Donald Trump signed an executive order that asks public and private entities to emphasize more on modernizing their IT systems to improve security and mandates as per the standards formulated by NIST on Cybersecurity. The order also says that the director of the organization will be held as responsible for any kind of data loss.

Also, the practice of government employees sharing responses can also help in broadening the communication channels for agencies and can inspire security improvements.

Do you have something to say on this issue…?

Then feel free in sharing your mind through the comments section below.