The incidents of insider threats continue to rise poising a serious damage to organizations. However, decision makers are not yet fully prepared to tackle security threats, the latest study has revealed. A joint study conducted by Global cyber security leader Forcepoint and Ponemon Institute found that 91 per cent of IT operations and security managers considered that the risk of insider threats will continue to grow or stay the same.
Global cyber security leader Forcepoint, in partnership with the Ponemon Institute, today released the results of its “Insecurity of Privileged Users” study, comparing data sets from 2011 and 2014 with present day. According to the study, 58 per cent of IT operations and security managers believe their organizations are unnecessarily granting access to individuals beyond their roles or responsibilities.
With more than 40 per cent of respondents agreeing that malicious insiders would use social engineering to obtain privileged user access rights – up 20 per cent from 2011 data – it’s no surprise then that the majority of those surveyed expect insider threats to remain an issue. More than 600 commercial and 142 federal IT operations and security managers participated in the study.
Approximately 70 per cent of both groups surveyed think it is “very likely” or “likely” that privileged users believe they are empowered to access all the information they can view. Nearly 70 per cent also believe that privileged users access sensitive or confidential data simply out of curiosity. With these large percentages in mind, only 43 per cent of commercial and 51 per cent of federal organizations today said they have the capability to effectively monitor their privileged user activities. A majority said that only 10 per cent or less of their budget is dedicated to addressing this significant challenge.
While budget and the human element are factors in addressing the insider threat challenge, technology deficiencies are also playing a role. The survey found that a significant number of respondents use existing cyber security tools to combat insider threats, rather than more targeted technologies (e.g. 48 per cent of commercial and 52 per cent of federal organizations use a SIEM to determine if an action is an insider threat). As a result, more than 60 per cent indicated that these tools yield too many false positives. What’s more, a majority of both audiences surveyed (63 per cent commercial and 75 per cent of federal organizations) lack the necessary contextual information required to prevent insider threats from happening.