Cloud security organization Bitglass released the 2020 Insider Threat Report, a survey of IT and security professionals about the challenges facing organizations from this ‘inside’ vector. Key findings include:
- 61% report experiencing an insider attack in the last 12 months, and 22% report experiencing 6 or more attacks over that time period
- 38% report experiencing operational disruption as a result of an insider attack, and the same number report experiencing ‘loss of critical data’
- 50% of firms report that it is more difficult to detect insider threats after migrating to the cloud
- 49% report that detection of an insider attack takes at least a week, and 7% report they have ‘no ability to detect a leak’
- 57% report that their 2021 security budgets will stay flat, and 16% report that security budgets will be cut
- The biggest barriers to better insider threat management are: lack of budget (61%), lack of staff (41%), and lack of tools (38%)
Recent high-profile insider cyber breach incidents targeting Twitter (successfully) and Tesla (unsuccessfully) have shone a bright light on this threat vector. And the statistics reported in this report make it clear that this is a widespread problem that companies must pay close attention to as part of their overall cyber security programs. Indeed, ‘insider threat’ is an important factor that Cyberhedge analyzes in our company cyber governance ratings.
One notable finding of the survey is that ‘50% of firms report that it is more difficult to detect insider threats after migrating to the cloud’. We have recently discussed some issues around cloud usage here. While Cloud is essential infrastructure and in most cases is the right (and unavoidable) choice for enterprises, it does introduce security challenges that must be properly addressed. Another finding of the survey which is in line with other recent research is that many enterprises struggle with IT systems built with multiple, ununified and unintegrated security solutions. Cyberhedge research confirms that companies with overly complex IT systems are more at risk of being breached than those with more streamlined systems. This is true in part because more complex systems are more expensive and difficult to protect.