One in Three Organizations Surveyed Have Experienced an Insider Attack in the Last Year
CAMPBELL, CA – (September 29, 2016) - Bitglass, the Total Data Protection company, today released its report on insider threats in the enterprise, featuring insights from over 500 cybersecurity professionals on the state of insider data leaks and the tools used to mitigate these threats. In a third of organizations surveyed, careless or malicious user behavior resulted in data leakage, up slightly from a year ago. Furthermore, a majority of respondents (56 percent) believe insider leaks have become more frequent in the last year.
The report explores how the shift to the cloud has affected insider threats and made corporate data accessible beyond the network perimeter, a risk for organizations that do not have adequate visibility and control.
"Adoption of cloud and BYOD are positive developments, but organizations that have limited cross-app visibility will struggle to detect anomalous behavior and need to rethink their approach to data security," said Nat Kausik, CEO, Bitglass. "The reality is that cloud apps have made data more readily accessible and insider threats more prominent – it’s up to the enterprise to put adequate data controls and policies in place to secure vital data.”
- One in three organizations surveyed have experienced an insider attack in the last year while 74 percent feel vulnerable to insider threats.
- Seventy-one percent of cybersecurity professionals are most concerned with inadvertent leaks that are the result of risky unsanctioned app usage, unintended external sharing, and unsecured mobile devices. Negligence (68 percent) and malicious insiders (61 percent) were also of concern to respondents.
- Privileged users were seen as posing the greatest security risk to 60 percent of organizations, more than any other user group.
- Cloud and mobile are forcing IT to rethink detection and prevention. Cybersecurity professionals agree that lack of employee training (62 percent), insufficient data protection solutions (57 percent), more devices with access to sensitive data (54 percent), and more data leaving the network perimeter (48 percent) are at the core of many insider leaks.
- A third of organizations do not have any analytics solutions in place to detect insider threats. Fifty-six percent use some kind of analytics solution to address anomalous behavior, but only 15 percent have user behavior analytics in place.
- Collaboration tools (44 percent) and cloud storage apps (39 percent) were perceived to be most vulnerable to insider threats, as careless users are able to easily share data externally or lose a mobile device that contains sensitive information.
Detecting Insider Threats
Bitglass found that 64 percent of enterprises can detect a breach within a week, up significantly from 42 percent a year ago. Only 23 percent take a month or longer to identify insider breaches, which indicates growing use of cloud-based audit and security tools. Respondents identified analytics as critical in detecting anomalous behavior.
Employee training (57 percent) and identity management solutions (52 percent) topped the list of best means for preventing insider attacks. Data leakage prevention was also included among the most effective tools in 49 percent of organizations.
To view the complete Bitglass Corporate Spies report, visit bitglass.com/insider-threats-2016
Bitglass (bitglass.com) is a leading cloud access security broker (CASB) solution that delivers security and management of corporate data in the cloud, at access, on mobile devices, and anywhere on the Internet. Bitglass was founded in 2013 by a team of industry veterans with a proven track record of innovation and execution. Bitglass is based in Silicon Valley.