October 11th 2013
The evolving risk landscape in the enterprise has caused decision-makers to be more concerned about data protection than ever before. These newfound fears have encouraged organizations to establish better practices when handling sensitive information, as creating even the smallest vulnerability in the network could be like opening a floodgate for cybercriminals.
While taking a stronger stance against outsiders is encouraged, firms should not lose sight of another, often more devastating nemesis: the insider. Unlike hackers and other external parties, malicious or negligent employees often have privileged access to areas of the network that contain confidential resources. This means that one false step or angry feeling held by these individuals could lead to significant problems for organizations that are responsible for safeguarding highly sensitive assets.
A recent Vormetric study of more than 700 IT security professionals highlighted the fact most organizations are neglecting the insider threat, as only 40 percent of respondents said they actively monitor privileged user activity. Meanwhile, 27 percent of firms block access to sensitive areas for insiders.
In many cases, businesses are taking an antiquated approach to information protection by only defending the perimeters, with 56 percent of respondents claiming network monitoring is their go-to security tool, Vormetric reported. Although 66 percent of companies claim to use intrusion detection and prevention systems, many decision-makers fail to defend against advanced persistent threats (APTs) that could be launched internally.
"It's clear that organizations of all kinds are concerned with securing access to sensitive data," said Alan Kessler, CEO of Vormetric. "While many of the respondents are using more of the right security technologies and tools to help reduce their attack surface, a much larger group is falling short in taking the additional step to protect from insider threats and thwart attacks such as APTs that steal insider credentials."
Addressing insider risk
Vormetric revealed that roughly 45 percent of decision-makers said that Edward Snowden has highlighted the importance of being aware of and combating the insider threat. As a result, more than half of survey respondents intend to increase their security budgets within the next year in an effort to reduce the chances that internal parties can expose confidential information on demand.
Because there are many ways that insiders can exploit sensitive resources, decision-makers are zeroing in on specific challenges. In fact, 49 percent of executives said laptops are currently believed to be the biggest threat to their organization. A separate AlgoSec survey highlighted similar strategies, revealing that 66 percent of decision-makers are concerned about bring your own device (BYOD) and other initiatives, with 40 percent of respondents claiming that employee-owned devices increase the chances of experiencing network and application outages.
"Based on the survey results, it's clear that organizations are faced with increasing insider threats as well as rising risk of network and application outages, but process improvement and better security policy enforcement that leverages automation can provide significant dividends," said Nimmy Reichenberg, vice president of marketing and business development at AlgoSec.
While there is a variety of technologies for companies to choose from when implementing more rigorous security initiatives, decision-makers should not overlook the opportunity to acquire more visibility. Firms that work with a managed security service provider, for example, will be able to have an experienced third party observe and report on internal activity, reducing any prejudice or bias. This approach will allow organizations of all sizes to implement customized data protection strategies that reduce both external and internal threats.