Organizations underestimating the seriousness of insider threats

2022-04-08 04:00

New research, conducted by Forrester, found that 59% of incidents in EMEA organizations that negatively impacted sensitive data in the last 12 months was caused by insider threats, and yet 59% do not prioritize insider threats the way they prioritize external threats.

70% of organizations do not have an insider risk management strategy or policy, and a majority do not have a dedicated insider threat team.

The findings show that organizations are woefully underestimating the seriousness of insider threats.

"Insider threats are hard to detect because internal users have legitimate access to critical systems, making them invisible to traditional security solutions like firewalls and intrusion detection systems. The lack of visibility into insider threats is creating a significant risk to the security of organization's data."

"It is imperative that organizations add insider risk to their overall data protection strategy. An effective insider threat detection system needs to be diverse, combining several tools to not only monitor insider behavior, but also filter through the large number of alerts and eliminate false positives. Also, as protection of a companies' intellectual property begins at the data layer, a comprehensive data protection plan must include a security tool that protects the data layer," Waynforth said.

Steps to better protect against insider threats Gain stakeholder buy-in to invest in an insider risk program.

News URL

https://www.helpnetsecurity.com/2022/04/08/organizations-insider-threats-issue/

#threat