By Jacob Serpa, Product Marketing Manager, Bitglass
When words like cyberattack are used, they typically conjure up images of malicious, external threats. While hackers, malware, and other outside entities pose a risk to enterprise security, they are not the only threats that need to be remediated.
Insider threats, which involve either malicious or careless insiders, are another significant threat to corporate data that must be addressed. Fortunately, Bitglass has the latest information on this topic. Read on to learn more.
In Threatbusters, Bitglass’ 2019 Insider Threat Report, Bitglass set out to learn about the state of insider attacks, as well as to uncover what organizations are doing to defend against them. This was accomplished by partnering with a cybersecurity community and surveying the IT professionals therein. A breadth of survey questions yielded a wealth of information, ranging from the tools that organizations are using to defend against threats, to how long it takes them to recover from these types of attacks. Two examples can be found below.
The frequency of attack
A staggering 73 percent of survey respondents claimed that insider threats are becoming a more common occurrence. In 2017, when Bitglass released its previous Insider Threat Report, this number was only 56 percent. Additionally, 59 percent of respondents revealed that their organization had experienced at least one insider attack within the last 12 months. For organizations to stay secure in today’s high-speed, cloud-first world where data is shared, accessed, and downloaded more rapidly and widely than ever before, appropriate security controls simply have to be put in place.
The damage done
Eighty-seven percent of respondents said that it was either moderately difficult or very difficult to determine the damage done in the wake of an insider attack. This should not come as a surprise. Because insider attacks involve the use of legitimate credentials, distinguishing legitimate user activity from threatening user activity can be challenging (especially because said behavior can go unnoticed for extended periods of time if the proper tools are not in place). Naturally, this means that it can be difficult to ascertain the extent of the damage that these authorized users have done.
The above items are only a sample of what Bitglass was able to uncover in its most recent research. To learn more about insider attacks and how organizations are addressing them, download the full report.