The macro trend for IT security professionals is shifting. The security risk of insider threats is real and has become equally important to organizations. Insider threats take many forms: employees bending the rules to get their jobs done more efficiently, unhappy employees with malicious intent, workers who unintentionally install malware, and even 3rd party vendors or partners that don’t follow security policies.
For The Growing Security Threat from Insiders survey report, Dimensional Research surveyed over 300 IT security professionals, with a focus on exploring their current experiences with and understanding of insider threats.
A snapshot of the survey results can be seen in this infographic.
Nearly half of IT Security professionals more concerned about insider threats than external threats
Insider threats are a growing problem. Nearly all security professionals (99.7%) in the study are concerned with internal threats, and nearly half (49%) of IT security professionals find them more concerning than external threats. This is a big shift. Allocation of security budgets has been primarily focused on perimeter security. However, this could change, as insider threats are real and we have seen many public examples of this in the headlines.
- About half (49%) are more concerned about internal threats than external threats.
- Top concerns are malware installed by careless employees (73%), stolen or compromised credentials (6%), stolen data (65%), and abuse of admin privileges (63%).
- The majority of security professionals (87%) are most concerned about naive individuals or employees who bend the rules to get their job done; only 13% are more concerned about malicious insiders who intend to do harm.
End user engagement critical to success of security programs
To get ahead of threats, the role of end users in security efforts clearly needs to be a priority in organizations. IT professionals realize this, and in fact 95% are providing end user security training. Unfortunately, only 10% believe it’s very effective. With varying levels of willingness to learn on the part of end users, it’s clear that finding new ways to engage users will increase success, and IT security teams are open to new types of training to be more successful.
- While 95% provide end user security training, only 10% believe the training is very effective.
- 81% say end users are willing to learn, but only 25% say they are willing to put in the effort to learn.
- 66% see value in providing real-time training and feedback when an end user does something they shouldn’t.
Security teams are overwhelmed and need additional solutions and approaches to help protect from insider threats
The study found that when it comes to insider threats, IT security teams feel reasonably confident, with 90% saying they have the skills to respond. The challenge is that about two-thirds of them are overworked and can’t respond in a timely manner. As we saw in the ISACA study, this is probably exacerbated by the fact that finding security talent with the right skills today is quite challenging, so even if they have the budget to grow the team, it can be difficult.
Some of the most alarming findings from the study show that lack of visibility is causing a big blind spot for them with insiders. With 9 out of 10 not knowing who has access to systems they shouldn’t and only Another alarming fact is the lack of visibility into privileged user activity and who is accessing systems.
- 64% have the skills, but are overworked so can’t respond.
- 91% report insiders have access to systems they shouldn’t.
- 70% can’t effectively monitor privileged user activities.
Survey Methodology and Participant Demographics
This data is based on a survey of 317 IT professionals with responsibility for security. All worked at companies with over 1000 employees. Questions were asked on a wide range of subjects, including concerns about insider threats, the role of end user engagement in security, and barriers to protecting against insider threats.