It’s an unfortunate reality that cybercriminals and malware exploits are pervasive on the Internet. Organizations have to employ security best practices to adequately protect against those attacks, but insider attacks are actually a much greater threat. Thankfully, it seems that businesses recognize that the authorized users on their networks are a risk, and they’re taking steps to minimize that risk.
Vormetric, a data security vendor, commissioned Harris Poll to conduct a survey of its customers. The Vormetric 2015 Insider Threat Report was compiled from survey results gathered from 818 IT professionals in September and October of 2014. The respondents represent companies around the world, including the United States, United Kingdom, Germany, Japan, and more. The results highlight the significant risk from insider threats but also indicate that the issue is getting the attention it deserves.
The Vormetric report explains, “For business leaders the current data protection position is rapidly becoming untenable. Most readily acknowledge that increased spending on security is unavoidable, but few seem to have a clear vision over where and on what types of protection their security budgets should be invested.”
More than one in ten of the survey respondents believe their organization is not vulnerable to insider attacks. As with almost any aspect of security, feeling invulnerable is simultaneously delusional and dangerous. Fortunately, more than nine out of ten of those surveyed indicated that their organization intends to invest more in IT security and data protection in 2015.
The more realistic flip side to that 11 percent who don’t think they’re vulnerable is the 34 percent who feel their organizations are very or extremely vulnerable to insider threats. More than half of survey respondents said privileged users—employees with authorized access to sensitive data—are the biggest internal threat to corporate data. Privileged users were followed closely by contractors and service providers (46 percent) and trusted business partners (43 percent).
The increased awareness of the risk posed by users with authorization to access sensitive data is a reflection of some of the recent high-profile data breaches. The report states, “They now understand the damage that a rogue user with admin rights can do, and they recognize that if this type of user is not properly monitored and controlled the damage to the business can be far-reaching. Also, if a privileged user’s credentials are acquired by an external attacker, as US investigators say was the case when a hacker stole the credentials of a system administrator at Sony and orchestrated the recent high-profile data breach, the opportunity to gain free access to key information repositories or deploy malware is likely to be extensive.”
Admitting the problem exists is the first step to addressing it. If organizations and IT admins recognize the risk posed by internal users, they can take steps to mitigate or minimize that risk.