Only nine percent of 500 IT decision makers feel that they are safe from the “insider threat”!
According to research by Vormetric, 42 percent acknowledge that it is ‘privileged users’ that pose the biggest risk to their organisation, while 47 percent admit to finding insiders more difficult to detect.
However, with 91 percent of the respondents admitting to feeling unsafe, Alan Kessler, CEO for Vormetric, told IT Security Guru that he could not believe that the nine percent were serious. “We found European users monitored their networks on a regular basis compared to others, but the exfiltration of data is what they focus on.”
Andrew Kellett, principal analyst at Ovum, who conducted the study, said that he suspected the nine percent were organisations who felt themselves to be safe and, when asked if they were in denial, Kessler said that these people likely want business technology to be outstanding, when really the people with access are not the most trusted.
“If you know the adversary and have an entity who wants your information, they will get it and they are probably inside, and the economic situation is one that if it is more difficult to break into, and your IP is better than another company’s, it has got to be better for you,” he said.
Commenting, Adrian Davis, EMEA managing director of (ISC)2, told IT Security Guru that one of the big problems is that once an attacker is inside, they have bypassed the security technology, most of which is designed to keep people out. “Once you are behind the technology, there tends to be much less control,” he said. “Snowden was not critical of the NSA technology, he was critical of management. He was a contractor and no one managed him and there were no reporting lines, he looked at the information and no one managed him.
“You need to understand what people are doing and what they see, as without that technology is much less effective. It is not only technology, but people and process. With insider threat, if someone is working for you, they have got privileges and opportunity to get access to information, so where does the motivation come from? What is the trigger?”
The survey also found that 66 percent of respondents are planning to increase their IT security budgets as a direct response to this risk. Paul Ayers, VP EMEA at enterprise data security firm Vormetric, said that there are variants in Europe and, in the UK, 63 percent suggested an increase in spending.
Kellett said: “The UK felt comfortable in the situation and the results show that the US is a little more paranoid. We are a little better in the UK and at the moment organisations do not feel as likely to be hit by penalties.”
Asked if the increase was due to the Edward Snowden stories of last summer, Ayers said that “paranoid” was an interesting term, as awareness can help prevent threats as it raises knowledge to the board.
Kessler said: “There is a major breach every week and a clear definition of the insider threat. The likelihood of working with contractors and business partners extends your perimeter to a wider group of users and access requirements.”
Kellett said: “There is a lot of working to be done to make sure you have access to those who understand how access works and how to make access very hard.”