Research reveals growing risk of data breach from ‘Insider Threats’, highlights poor privileged user controls at UK organisations
The report, which resulted from a telephone survey of more than 500 IT decision-makers at mid and large size organisations in the UK, France and Germany, found that only nine percent of businesses feel safe from insider threats, with nearly half of UK based respondents (42 percent) acknowledging that it is ‘privileged users’ (system administrators, database administrators, network administrators, etc.) that pose the biggest risk to their organisation.
Insider threats are no longer only traditional insiders with legitimate access rights who abuse their positions to steal data for personal gain. Privileged users who maintain systems and networks are now an additional concern, as their roles typically require access to all data accessible from systems to perform their work. A third insider threat concern is from the outside-in, with cybercriminals actively seeking to compromise insider accounts (focusing most heavily on privileged users) in order to infiltrate systems and steal data using their credentials.
- Only nine percent of all organisations surveyed feel safe from insider threats and only six percent of UK organisations feel safe
- 47 percent of organisations now find it harder to detect insider threat incidents than in 2012
- Controlling access to data poses a broad threat for organisations. For some, non-technical employees with legitimate access to sensitive data and IT assets are the biggest risk (49 percent), while for others even executive management such as the CFO or CEO are the top risk (29 percent)
- Cloud implementations are raising security issues, with the lack of visibility into security measures around cloud-hosted data representing a concern for 62 percent of businesses
View the full report for complete details and to learn about best practices around protecting your sensitive data from insider threats