• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

One million six hundred ninety-one thousand reasons to look inside

May 5, 2016 by Mike Tierney

insider threats veriato

Copyright: 123rf/

The following is a guest post by a 2016 Secure360 Twin Cities Gold Sponsor Veriato.

At Veriato we consistently survey the market to help better understand the challenges that information security professionals are dealing with. Here are some key findings:

1. Insider attacks are on the rise

62% of security professionals surveyed believe insider attacks have become more frequent.

2. Insider attacks are costly

Our survey respondents estimate the cost of remediating a successful insider attack at some $445,000. From the just about ¼ of respondents who bravely acknowledged experiencing an insider attack(s), we learned that the average number of known insider attacks per organization in the last 12 months was 3.8.

3. Insider attacks are difficult to detect and prevent

When asked how difficult it is to detect and prevent, 62% said insider attacks are more difficult than external attacks.

This makes sense for multiple reasons. First, an overwhelming majority of budgeted dollars go towards defending against external attacks as compared to internal. All that firepower breeds confidence. Second, insider attacks are by their very nature difficult to deal with. How do we prevent someone who has the keys to our house and our alarm code from entering it when we aren’t home and rifling through the drawers?

When it comes to insider attacks, our focus needs to be on detection. If we can detect a problem we can respond to it. Don’t let the daunting nature of trying to figure out how to prevent an attack paralyze you from taking action that will help secure your company.

4. 63% of survey respondents are most concerned with data leaks stemming from insider attacks

5. 29% are most concerned with IP Theft

6. 23% are most concerned with espionage.

Given that, it’s not surprising that databases (57%) and file servers (55%) we the top 2 IT assets considered most vulnerable to insider attack.

What data in particular? Customer data, intellectual property, sensitive financial, and company data (employee information, sales and marketing data, and healthcare related data) were the top types of data most vulnerable to an insider attack.

Yet with all this concern about data being leaked, breached, or stolen by insiders, only 21% of organizations continuously monitor the behavior of the users on their network.

Only 30% of organizations are using any type of analytics to help them detect insider threats.

Insider threats are real. They are damaging. They are difficult to detect and prevent. And we are concerned about our data.Yet budgets are not aligned. Only 34% expect their insider threat program budget to increase in the coming 12 months. More than 10% actually believe their budgets will go down.

And only about 1/5 of organizations have focused technology in place aimed at detecting the types of shifts in user behavior that indicate insider threat. Something needs to change, or we will continue to read about devastating insider attacks.

Where to start?

The first and most critical step towards mitigating the risk of a successful insider attack is detection. There is a detection problem. The good news is that problems can be solved.

First, focus where the problem is. The most common launching point for an insider attack is the endpoint – the place from where the insider is accessing the databases and file servers. We have users. Users are insiders. User Behavior Analytics has emerged to focus on detecting insider threats. And our user / insiders are most commonly attacking from the endpoint.

It stands to reason that we need to focus on the user activity and behavior taking place on the endpoint. Given the high cost of cleaning up after a successful insider attack, we can’t afford not to.

Filed Under: Guest Posts

About Mike Tierney

Mike Tierney, Chief Operating Officer, is responsible for the day to day operations of the company, as well as the overall product strategy. Prior to joining Veriato previously known as Spectorsoft, Mike oversaw a large product portfolio that included solutions for desktop security, least privilege management, file access control and reporting, and compliance. Mike also has responsibility for Operations, and in this capacity deal with the same issues facing most companies: improving security and productivity while respecting user privacy.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Marketing Envy
    Marketing Envy: [New Blog] 2020 saw in-person conferences evaporate, but with vaccines rolling out, 2021 could be different. H… https://t.co/4YONwZNsDa
    about 3 hours ago

  2. Secure360 Conference
    Secure360 Conference: We are honored to be listed on the Top 20 Cyber Conferences for 2021 -> https://t.co/MnrQ3E5ifw
    about 1 day ago

  3. Secure360 Conference
    Secure360 Conference: Fascinating stuff about the shift from brick & mortar to e-commerce, from Diamond Sponsor @cisco! https://t.co/4GaYGQKZ1a
    about 3 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.