An inattentive employee could be the biggest threat to your company’s data.
The study’s main finding is that nearly half (48 percent) of respondents named insider threats as one of the top two obstacles security teams face. The majority of the respondents (61 percent) say insider threats are more difficult to catch than those of an external nature. And the problem of insider threats is growing, according to more than half (51 percent) of the security professionals.
“As the threat landscape evolves, insiders continue to be the easiest target for hackers simply because humans are the most vulnerable part of an organization’s security strategy,” Dtext Systems CEO Christy Wyatt said. “Businesses struggle to pinpoint effective ways to detect the exact moment an insider becomes a threat — whether through negligence, credential theft or malicious intent.”
The study found that malicious intent isn’t normally the motivation of the insider threat. Careless employees, said 61 percent of respondents, were responsible for breaches or compromises. Bring-your-own-device (BYOD) strategies have blurred the line for how employees manage company-sensitive data and were the main reason for a rise in insider threats, according to 55 percent of the survey-takers. The study found that the majority of companies are combating this problem with training; however, training didn’t result in any noticeable correlation in confidence.
“Existing employee training protocols, malware detection tools, antivirus platforms and SIEMs alone lack context to reliably detect insider vulnerability,” Wyatt said. “Advanced user behavior intelligence provides the critical visibility and context into user activity at scale to effectively detect insider threats before critical damage occurs, while protecting user privacy.”