Share this article on:
October is National CyberSecurity Awareness Month: An annual campaign designed to raise awareness of cybersecurity threats and improve the resilience of the nation in the event of a cyber incident.
Each October, the National Cyber Security Division (NCSD) of the Department of Homeland Security and the National Cyber Security Alliance (NCSA) launch a number of initiatives to educate the public – and public- and private-sector partners – on cybersecurity issues and encourage the adoption of security best practices.
Given the volume of cyber-attacks that have occurred over the past 12 months, this year’s event is more important than ever. Attention is being focused on external threats, but it is important not to ignore the threat from within. Insider threats continue to plague organizations, yet defenses against insider attacks are often found lacking.
74% of Cyber Security Pros Feel Vulnerable to Insider Threats
Last month saw the release of the 2016 Bitglass Insider Threat Report which provides some insight into the risk of insider data breaches. The report also shows that many organizations lack both the controls to prevent insiders from causing data breaches and the visibility to identify insider security breaches when they occur.
For the report, Bitglass surveyed 500 cybersecurity professionals to determine the frequency that insider data breaches were occurring, the tools that were being used to prevent insider data leaks, and perceptions of the risk to data security posed by insiders.
The study revealed that 74% of cybersecurity professionals feel vulnerable to insider threats and with good reason. One in three organizations surveyed had experienced an insider data breach in the past 12 months and 56% believe insider leaks have increased in frequency over the course of the past 12 months.
The biggest cause for concern was inadvertent leaks rather than malicious insiders. 71% of respondents said inadvertent leaks were of greatest concern, 68% cited negligence of employees, while 61% said malicious users were the greatest risk.
When asked about the reasons why the risk of insider breaches is growing, 62% said it was a lack of employee training and 57% said they had insufficient data protections in place to prevent insider data leaks. 48% said more data were now leaving the network perimeter while 54% reported the increase in devices accessing their networks had contributed to the rise in data leaks.
Survey respondents also indicated there were numerous flaws in their organization’s security strategies. Those flaws make it hard to prevent insider breaches and also to detect them when they occur. For instance, 56% of respondents said they use analytics of some sort, yet only 15% have user behavior analytics in place.
Privileged users were deemed to pose the greatest security risk according to 60% of respondents, while collaboration tools were rated as being most vulnerable to insider threats by 44% or respondents, followed by cloud storage and finance/accounting apps (39%).
According to Salim Hafid, product manager for Bitglass, “A huge number of organizations that have cloud applications deployed have no means to identify these careless activities and no way to mitigate the threat.” It is now very easy for careless users to share information outside the company via Office 365 or to lose devices that have access to sensitive data via Dropbox and other sharing tools.
Protecting against insider threats is viewed as difficult by many cybersecurity professionals, although the most effective strategies were seen to be policies and training (57%), identity and access management (52%), encryption (50%), and data leakage prevention (49%). 45% of respondents said user behavior anomaly detection was an effective tool to prevent insider leaks.