A survey from cloud security firm Bitglass revealed the state of enterprise security related to insider threats. In its “2020 Insider Threat Report,” Bitglass stated that negligent or careless employees can pose severe security risks to organizations. Mitigating insider attacks is challenging for an organization’s IT or cybersecurity team since access to legitimate credentials can put the entire enterprise network in danger.
With businesses undergoing rapid migrations and working remotely due to the ongoing pandemic, securing against insider threats has become a challenge for many organizations. Nearly 61% of respondents reported at least one insider attack in the last 12 months. Several organizations admitted that they cannot detect insider threats from personal devices (82%) or the cloud (50%), and 81% of them find it difficult to assess the impact of insider attacks. While 49% of respondents stated that one week typically goes by before insider attacks are detected, 44% said that another week usually passes before the organization recovers from the attack.
The survey also highlighted that 73% of organizations’ security budgets are decreasing or staying flat over the next year. “Few respondents have a single platform that delivers complete, unified visibility and control for any interaction. When dealing with multiple disjointed tools that provide disparate levels of protection, security professionals spend an inordinate amount of time managing each of the solutions individually,” the report stated.
Anurag Kahol, CTO of Bitglass, said, “Enterprises report that loss of critical data and disruption to business operations are the biggest repercussions of insider attacks. Along with brand damage, remediation costs, legal liabilities, and loss of revenue, these are serious ramifications that must be prevented. Enterprises need a multi-faceted security platform that is designed to monitor user behavior, secure personal devices, deliver maximum uptime and cost savings, and prevent leakage on any interaction. Only then can they defend against insider threats.”
The survey findings are based on the responses from security professionals to understand how their businesses balance budgetary and data protection concerns while defending against insider threats.
Insider Threats on Rise
Several industry experts stressed that insider threats are the primary concern for every security leader, as many organizations fail to address the insiders within their own company. As a result, numerous data breaches happen due to employee negligence or unintentional actions like responding to a phishing email with sensitive information or downloading malicious content. A recent survey report “2020 Cost of Insider Threats: Global Report” from the Ponemon Institute revealed that insider threats increased by 47% from 3,200 in 2018 to 4,716 in 2020. It also revealed that the cost of insider threat incidents also surged by 31% from $8.76 million in 2018 to $11.45 million in 2020.