Are Insider Threats Cybersecurity’s #1 Concern?
There is no doubt that every organization is vulnerable to an insider threat! According to Vormetric’s 2015 Insider Threat Report, 93 percent of IT professionals think their company is at risk from an insider threat. Also, 59 percent worry about privileged users, employees who have high-level access to very sensitive data. Being a privileged used makes them the organization’s greatest threat.
Because of the recent Sony hack, insider threats and the dangers they pose are getting a lot more attention than they used to. Insider threats are not new of course. They have been a problem for a long time and a top focus area for security concerns. However, others outside of IT and security staff are now starting to grasp the severity of inside threats.
SolarWinds also conducted a study on insider threats within the federal government, including military and intelligence agencies. This study discovered that 53 percent of federal IT employees identified careless and untrained insiders as the greatest source of IT security threats at their agencies. Plus, 64 percent believe as I do that insider threats pose more danger than an outside threat.
It’s clear that IT personnel are worried about insider threats, and despite more awareness of the damage that security incidents can cause and the steps that can be taken to decrease risks, the number of professionals who worry about insider threat continues to increase. Which is a good thing, because this increase will hopefully result in better awareness and increased education on this subject.
To protect against the insider threat I recommend focusing more on the data. Data protection initiatives need to follow the data; protecting data at rest wherever it resides. For most organizations this will involve protecting both on-premise databases and servers as well as newer big data applications and data used in public, private and hybrid cloud implementations.
This is something I’m hearing more frequently, that security needs to focus more on the data rather than on the perimeter. In the case of insider threats, that has to be the case, as the perpetrator is already inside the perimeter of the network. The question is how to best take that approach and shift gears in the way we think about security overall. It’s a question that I plan to look into more in depth in future blogs.
To learn more about insider threat and other cybersecurity topic visit the National Cybersecurity website and continue to follow our blogs, seminars, and other excellent offerings.
2015 Vormetric Insider Threat Report, http://www.vormetric.com/campaigns/insiderthreat/2015/
SolarWind’s Federal Cybersecurity Survey, http://www.slideshare.net/SolarWinds/solar-winds-it-security-survey-report-2015-final
Top Security Priorities for CIO’s in 2014, http://www.itbusinessedge.com/slideshows/top-security-priorities-for-cios-in-2014-07.html