Most organisations have gaping security holes when it comes to protecting themselves against insider threats.
According to a SpectorSoft survey of 772 IT security professionals, 32 per cent of respondents said that they have no ability to prevent an insider attack, while 52 per cent of respondents cannot size the potential damage. Also, 44 per cent do not know what they are spending to address the threat.
Although almost three-fourths of respondents (74 per cent) are concerned primarily with employees, whether malicious or merely negligent, while 44 per cent of respondents said they don’t know how much they currently spend on solutions that mitigate insider threats.
“I believe insider threats will continue to increase until investment in the solutions, processes, and people needed to combat them catches up with the growing awareness of the problem,” Mike Tierney, chief operating officer of SpectorSoft said.
“Insider threats are typically more damaging than external, because the insider has been given access and knows exactly what they are looking for. They are typically harder to detect, for the same reasons. I believe increased investment is critical, but should not be done at the expense of perimeter defence. Robbing Peter to pay Paul won’t work here.”