Fewer than one in 10 IT decision-makers feel that their organisation is safe from “insider threats”, those who steal or leak information for personal gain, with “privileged users” such as system or network administrators felt to be the biggest threat.
That’s according to research by analysts at Ovum carried out on behalf of data security firm Vormetric, which surveyed IT professionals from around the globe, which suggests organisations are looking within their own walls in the fight to counter cyber threats.
It’s possible that the fear of sensitive data being leaked by an insider has risen due to the actions of NSA whistleblower Edward Snowden, the US government IT contractor who leaked documents about intrusive surveillance measures by the authorities.
Overall, just nine per cent of those surveyed believed their business was protected against insider threats, a figure that dropped to six per cent among respondents from the UK. The rise in individuals who gain access to data as part of their jobs – privileged users who maintain systems and networks – is therefore seen as a threat by many organisations.
However, it’s not just the possibility of IT personnel going rogue which has organisations concerned, there’s still the very real threat posed by cyber criminals looking to compromise insider accounts as a means to infiltrate systems and steal data. If things weren’t already hard enough, Ovum’s research suggests that insider threats are also becoming harder to spot and remove.
“Almost half of European organisations believe that insider threats are now more difficult to detect, with senior IT managers being very worried about the things their own users can do with corporate data,” said Andrew Kellett, principal analyst at Ovum.
“This risk is compounded by the threat by cyber attacks that are targeting user accounts – something that is not going completely unrecognised as 30 per cent of organisations cite Advanced Persistent Threats as a primary driver for ramping-up data breach defences,” he added.
Organisations do however recognise the threats, with many looking to update strategies and policy in order to reduce the risk of a data breach by an insider.
“Clearly, compliance requirements, privacy regulations and ongoing data breaches are having a strong effect on organisations,” said Stewart Room partner in Field Fisher Waterhouse’s Technology and Outsourcing Group.
“With 66 per cent planning to expand IT security spending to offset insider threats, and the challenges they are seeing with protecting data within cloud, mobile and big data environments, enterprises are seeing that their security posture needs to be updated, and are taking steps to do so,” he continued, adding that encryption is key to preventing breaches.
“Organisations are beginning to recognise that encryption is the most effective technology in preventing insider threats, with the largest proportion of organisations citing it as the single most important security measure,” Room said.