Security News > 2023 > January > Insider attacks becoming more frequent, more difficult to detect

Insider threats are a top concern at organizations of all kinds; only 3% of respondents surveyed are not concerned with insider risk, according to Gurucul.

With responses from more than 325 cybersecurity professionals, the report explores the latest trends and challenges organizations are facing as they work to adapt to changing insider threats, and how organizations are preparing to better protect critical data and IT infrastructure.

This rise in perceived vulnerability coincides with a significant increase in insider attacks as 74% of organizations report that attacks have become more frequent, with 60% experiencing at least one attack and 25% experiencing more than six attacks.

"This report sheds light on some of the most interesting insider threat challenges facing organizations today. While it shows that 86% are using some sort of solution to monitor user behavior in some way, it was surprising to see that access logging was the primary method, and that only 25% are using automated tools to monitor user behavior 24×7," said Saryu Nayyar, Gurucul CEO. "The types of monitoring and analytics used to detect insider threats vary widely between organizations. This highlights the need for better tools and processes to analyze data behavior, user behavior, access and movement across a network both internally and externally to detect and prevent insider attacks," Nayyar continued.

The top factors that make timely detection and prevention of insider attacks difficult include trusted insiders that already have credentialed access to apps, networks, and services, the increased use of SaaS apps that can leak data, and an increase in personal device use with access to corporate resources.

The rising threat of insider attacks is a strong driver for organizations to implement formal insider risk programs.

News URL

https://www.helpnetsecurity.com/2023/01/30/detect-insider-attacks/