Insider Threat: Firms Aware, but Take No Action

Friday, April 18, 2014 @ 11:04 AM gHale


Insider threats remain a top attack vector, but companies still don’t do much about protecting themselves, a new study said.

More than a third (36 percent) of IT professionals believe employees would access or steal confidential information, yet 38 percent do not have, or know of, any systems in place to stop employees accessing unauthorized data, said a LogRhythm survey of 1,000 IT professionals.

RELATED STORIES
Insider Threat Scares DoD IT Pros
Smart Grid; Vulnerable Grid
NIST Seeks Smart Grid Comments
Cyber Security Framework Released

Just under on half (48 percent) regularly change passwords to stop ex-employees gaining access and the most commonly used deterrent is the threat of disciplinary action (64 percent).

However, in a corresponding survey of 200 employees, almost half (47 percent) admitted to having accessed or taken confidential information from the workplace, with 41 percent using passwords and usernames to access data after they had left a company. Of those who ended up caught, 25 percent said nothing happened, while company officials talked to 67 percent, but there was no disciplinary action. On top of that, 79 percent claimed no one ever discovered their illegitimate actions.

“While it is clear that the risk of rogue insiders is making its way up the corporate agenda, what’s not clear is how organizations are dealing with nefarious employee activity,” said Ross Brewer, vice president and managing director for international markets at LogRhythm.

“In LogRhythm’s 2013 research, just 19 percent believed employees would steal data, a number which has nearly doubled in the last year, indicating that businesses are slowly waking up to the realities. What is baffling is that, despite this, the majority of organizations are still not putting adequate systems in place. Indeed, it is not only staggering that such a large number of employees have never been caught accessing confidential data, but that those who have been have often got away with it scot free,” Brewer said.

“What we can take from this is that most organizations still have very little idea of what is happening across their networks,” continued Brewer. “Even when faced with daily reports of internal security threats, such as the recent Target breach, as well as government initiatives to increase awareness, businesses are still inclined to turn a blind eye. At a time when the threat landscape is so vast and the repercussions are so big, this is simply unforgivable.”

While more IT professionals cite the insider threat as a bigger security risk (31 percent) than external threats (29 percent), the general consensus seems to be that not enough importance is being placed on containing it, with 37 percent feeling like their business could do more to safeguard information from employees. Considering that a third also have no idea whether or not they have suffered a breach before, it appears there is still a long way to go.

“Without knowing what happened yesterday, businesses have little hope of protecting their networks today,” Brewer said. “Businesses clearly need to increase the level of visibility that they have into their networks in order to spot any questionable activity.”



Leave a Reply

You must be logged in to post a comment.