SpectorSoft, provider of insider threat detection solutions, today announced the results of a survey of 355 IT professionals regarding their experiences with the prevention and detection of insider threats within their organizations. The survey revealed an overwhelming majority of organizations are unable to detect or deter insider threats, leaving them vulnerable to fraud, data breaches and IP theft.
Sixty one percent of respondents said they do not have the ability to deter an insider threat. Another 59 percent admitted they do not have the ability to detect an insider threat, while, 75 percent stated that they do not have the ability to detail the human behavioral activities of an insider threat. These last two statistics are surprising since insider threats originate from some type of human criminal behavior.
Even more alarming, 61 percent of respondents do not believe they are adequately prepared to respond to insider threats.
The nature of insider threats—an authorized person misusing his or her authorization—makes it difficult to detect such attacks and protect against them. While the percentage of insider threats has stayed broadly consistent in the last ten years, the total number of such attacks has increased dramatically, resulting in $2.9 trillion in employee fraud losses globally per year. In the U.S. alone, the most recent year on record, organizations suffered $40 billion in losses due to employee theft and fraud—but chances are that even more fraud went undetected.
Evidence suggests that just 10 percent of employees account for 95 percent of incidents, which indicates that the vast majority of employees are trustworthy. But it’s hard to know who these employees are and how to prevent threats, especially because, according to the 2014 Verizon Data Breach Investigations Report, “most insider misuse occurs within the boundaries of trust necessary to perform normal duties.”
The Verizon report also laid out interesting statistics related to insider threats. According to the report, some of the top industries facing insider threats are real estate, transportation and manufacturing. However, all industries are at risk if they do not have the proper precautions in place. Insider espionage targeting internal data and trade secrets is becoming a bigger issue, with more and more companies having their sensitive data exposed as a result of not being in a position to deter, detect and detail malicious behavior. Privilege abuse, unapproved hardware/software (BYOD), email misuse and data mishandling are some of the behaviors putting companies at risk, the report concluded.
In correlation with these statistics, the results of the SpectorSoft survey reveal that organizations are facing a number of obstacles when it comes to dealing with insider threats. The number-one inhibitor cited was a lack of available technology solutions, with 55 percent of respondents choosing that option. Half of the respondents claimed not to have the budget needed to support such initiatives, and about a third of respondents stated that a lack of staffing prevented them from being adequately prepared to respond to insider threats. A lack of internal staff and training was also mentioned as a big challenge (36 percent).
Nearly half (49 percent) of respondents believe that detecting insider threat behavior is most important to their organization in terms of prevention. Deterring insider threat behavior was cited as the second biggest priority (41 percent), and detailing insider threat human behavior lagged behind at 10 percent. When responding to insider threats, the majority (69 percent) believe a prevention-centered approach is most important, whereas 31 percent believe a detection-centered approach is most important.
For the full report, click here.