An
overwhelming majority of global organizations are admittedly
ill-prepared to handle the steady increase in insider threat activity,
according to research conducted by Cybersecurity Insiders and announced
today by Securonix, the leader in Unified Defense SIEM.
The "2024 Insider Threat Report,"
commissioned by Securonix, reveals the concerns of nearly 500 global
cybersecurity professionals about the nature of insider threat
challenges, including growing concerns over malicious insiders, shifts
to hybrid work environments and the difficulties in detecting insider
threats. The report found that while 76% of organizations have detected
increased insider threat activity over the past five years, less than
30% believe they are equipped with the right tools to handle them. Just
as concerning is that only 21% of respondents said they had a fully
implemented and operational insider threat program, which highlights the
inability for most organizations to effectively identify and mitigate
internal security risks.
"Insider
threat management programs are most successful when they receive strong
support from executive leadership. This level of leadership is
essential for prioritizing resources and navigating the complex
technical and privacy challenges across various regions," said Findlay
Whitelaw, Field CTO, of Securonix. "Despite its importance, many
cybersecurity professionals feel their organizations fall short in this
area. As insider attacks continue to rise, business leaders must empower
their teams to develop a security-conscious culture that encourages
employees to take a proactive stance against insider threats."
According
to the report, 90% of respondents said insider threats are more or as
difficult to detect and prevent than external attacks. While negligent
employees and unwitting accomplices to external threats are the greatest
sources of insider risk, the research indicated a shift in the
perception of insider threats over the last five years. The survey data
showed that 74% of cybersecurity professionals are most concerned with
malicious insiders within their organization in 2024, which is an
increase of nearly 25% when compared to responses from 2019.
"Effectively
detecting and defending against insider threats requires an
understanding of the different types of insider threats: malicious,
inadvertent, and negligent," said Holger Schulze, CEO and Founder,
Cybersecurity Insiders. "With that knowledge in hand, the report shows
cybersecurity professionals can develop sophisticated insider threat
programs that have a balance of understanding human behavior,
comprehensive employee training, and proactive strategies that deploy
the proper tools, including advanced behavior analytics."
Additional key findings from the report include:
- Global
cybersecurity professionals indicated the main drivers and enablers of
insider attacks are insufficient employee training and awareness (37%),
globalization and adoption of new technologies (34%), inadequate
security measures (29%), complex IT environments (27%), and disgruntled
insiders (25%).
- More
than 75% of organizations report an increasing prevalence of ransomware
and triple extortion techniques in their environments, highlighting a
growing cybersecurity threat. Information disclosure (56%) and
unauthorized data operations (48%) are also leading concerns,
emphasizing the importance of data-centric security measures and robust
identity and access management controls.
- The
challenges of securing distributed, less controlled environments led to
70% of respondents expressing concern about insider risks in hybrid
work environments.
- A
majority of respondents (75%) are concerned about the impact of
emerging technologies, such as AI, the Metaverse, and quantum computing,
on insider threats, including their misuse and the potential to amplify
threat capabilities.
- Companies
are chiefly concerned with the loss of financial data (44%) and
customer data (41%), pointing to concerns over direct monetization for
threat actors and loss of personally identifiable information (PII),
respectively.
Securonix
helps organizations improve their insider threat detection,
investigation and response practices. Its behavior-based approach allows
organizations to identify suspicious insider activities even before
impacts materialize, providing the ability to take a more proactive
stance against these threats.
To see the "2024 Insider Threat Report," including a full analysis of the data from Cybersecurity Insiders and Securonix, visit: https://www.securonix.com/resources/2024-insider-threat-report/