Insider threat is quite a big deal when it comes to keeping data secure and has business executives on edge. A study by the Ponemon Institute found that although insider leaks and attacks continue to multiply, 58% of IT operations and security managers believe their organizations are unnecessarily granting access to individuals beyond their roles and responsibilities. Furthermore, 91% predict that the risk of insider threats will continue to grow or stay the same.
This first glance into insider threats immediately tells us that one of the ways CIOs and CEOs can work on reducing these types of security risks is by thoroughly evaluating the type of access they are granting to staff.
Even though it may seem like a good idea to provide additional access to some employees because their roles might expand from time to time, when approximately 70% of IT operations and security managers find that it is “very likely” or “likely” that privileged users believe they are empowered to access all the information they can view and that nearly 70% also believe users access sensitive or confidential data simply out of curiosity, there is an obvious problem.
Tip 1 Insider Threats: Think through who you are granting access to and to what extent.
Add to this information the fact that more than 40% of IT operations and security managers agree that malicious insiders would use social engineering to obtain privileged user access rights and only around half of organizations say they have the capability to effectively monitor their privileged user activities.
- The exact number from the study: 43% of commercial and 51% of federal organizations today said they have the capability to effectively monitor their privileged user activities.
While a network can be more effectively monitored with the right security tools and expert security team, employees are a bit more complex. There’s a level of privacy you need to respect, not to mention that you can’t keep eyes on them 24/7. The human element is one of the reasons why BYOD is such an issue within organizations.
What businesses need to do is spend more time educating staff on data security, making them aware of risks, providing them with training and giving them solutions to problems or questions they may have on security and risk management. Businesses also need to revisit their information security plans and procedures if they have them; if they don’t, they need to get started on them.
The fact that only 10% or less of an organization’s budget is dedicated to addressing the significant challenges in monitoring privileged user’s activities is a sign that companies are not investing in the needed elements to close the human vulnerability gap that brings about insider threats.
Tip 2 Insider Threats: You can’t monitor the human element with security tools; you need to train staff, create awareness and set up appropriate plans and procedures.
Something else needs to be said about security tools or better yet, the deficiencies these tools are showing. The study found that a significant number of organizations are using existing cybersecurity tools to combat insider threats, instead of more targeted technologies.
- 48% of commercial and 52% of federal organizations use a SIEM to determine if an action is an insider threat.
In addition to 60% of these tools yielding too many false positives, both commercial (63%) and federal (75%) organizations lack the necessary contextual information required to prevent insider threats from happening. It’s only normal that businesses adapt security technologies to help in some areas of managing risks, but the reason why a security posture based on technology alone fails, is because technology can’t do it all or see it all. Actually, security devices and software solutions have a number of their own vulnerabilities.
Tip 3 Insider Threats: Data security and reducing insider threats requires more than technology; you have to implement a holistic security posture if you want to get ahead of your risks.
As long as you have a clear idea on where your security stands and what the next steps are moving forward to handle insider threats in a way that reduces risks for your business, you’re on a good path. However, seeing the data in this study, as well as other studies, at least half of organizations are finding a multitude of challenges with the number of security risks they are facing in this digital era.
There’s a major security skill gap when it comes to filling CIO roles and sometimes a lack of experience by the security team businesses do have on board. Give us a call to see where your information security stands, if you are in a rocky position.
We’re here to help! Schedule your free infosec consultation so that we can get your data security needs met and get you ahead of your risks.
Photo courtesy of iQoncept