Insider Attacks Present a Danger

Monday, August 8, 2016 @ 06:08 PM gHale


If you ask a security professional if they see more attacks from the outside or from the inside, more often than not, you get a different answer depending on the time of day.

In the end, it probably doesn’t matter because if a company is secure and has proper defense in depth, they can withstand either type of an attack.

RELATED STORIES
Security from Beginning Adds Value
No Security Plan in Place for Companies
ICS Components Still Connected to Internet
Ransomware Masked as Rockwell Update

Having said that, though, it appears 58 percent of companies in a survey still lack the appropriate controls to prevent insider attacks, with just under half (44 percent) unaware if their organization has experienced an insider attack at all.

On top of that, nearly half of those surveyed have seen an increase in insider attacks over the last 12 months, according to the Insider Threat Spotlight Report.

Inadvertent data breaches (71 percent) top the list of insider threats companies care most about. Negligent data (68 percent) and malicious data (61 percent) breaches come in a close second and third.

The biggest threat comes from privileged users, such as managers, with access to sensitive information, with 67 percent believing that the fact insiders have credentialed access makes insider attacks more difficult to prevent.

According to the survey, the endpoint is the most common launching point for an insider attack, with 58 percent more than the next most common launching point, which is mobile devices.

Tracking file movement across the network is a critical component of a data security strategy, according to 75 percent of respondents, with 57 percent naming databases as the most vulnerable asset to an inside attack.

Survey respondents also named three barriers to better insider threat management:
• Lack of training and expertise (60 percent)
• Insufficient budgets (50 percent)
• Lack of collaboration between departments (48 percent)