Cybersecurity: Most Organizations Ill-Prepared For Insider Threats

Despite increased spending on deterrence and detection, new survey finds insider attacks are increasing in frequency and in cost of remediation.

Despite an increase in spending and investment in deterrence tactics and detection tools, insider threats continue to cause harm to all types of organizations, according to a new cybersecurity industry survey from Haystax Technology. Although funding is increasing, inadequate resources are being allotted to predictive risk analytics — a critical component of mitigating insider threats, according to The “Insider Attacks” report. This lack of analytics investment comes at a price, as insider attacks continue to be costly.

Cybersecurity“Ask any cybersecurity specialist to name the biggest security threat to an organization and they’ll tell you it’s people,” said Haystax CEO Bryan Ware.

Yet despite increased funding on insider threat programs, the problem shows no signs of abating. “Training programs and network controls are important, but without analytics that produce actionable intelligence, organizations are often left in the dark until after a malicious insider does damage,” Ware added.

Using crowd-based research in partnership with the 300,000-plus members of the Information Security Community on LinkedIn and Crowd Research Partners, Haystax’s report found nearly three-quarters (74 percent) of organizations feel vulnerable to insider threats, a significant seven-percent increase over last year. Of the organizations that are investing in insider threat mitigation, 61 percent are focusing mostly on deterrence (e.g., access controls, encryption, policies, etc.), and 49 percent on detection (e.g., monitoring, intrusion detection systems, etc.) — while 35 percent employ forensics and analysis systems like security information and event management (SIEM) tools.

CybersecurityMost survey respondents (67 percent) indicate that because insiders already have credentialed access to their networks and services, they are much more difficult to detect and deter than external threats. But only 42 percent of organizations say they are regularly monitoring user behavior while 21 percent do none at all.

Insider threat detection has improved, with 46 percent of respondents believing they could detect an attack within a day at most. What’s more, 68 percent are confident in their ability to recover from an attack in a week or less, up 20 percent over last year’s survey. However, three-fourths estimate remediation costs could be up to $500,000, with the other 25 percent believing costs could exceed that amount — and perhaps reach into the millions of dollars.

For more information about the findings from the Haystax Insider Attacks Industry Survey, view the full report.

Cyber Security, Facilities Management, FacilityBlog, Featured, Security & Safety

Cybersecurity, employees, Haystax, IT, Security, Survey, Technology, threat detection

Sponsored Content
Featured Video

Webinars, Podcasts & Videos

crime scene

Listen Now: What To Do When Your Facility Becomes A Crime Scene

A business continuity analyst discusses steps FM teams need to consider after a crime has been committed in their buildings.

Facilities Teams, ARC Facilities Webinar

Did You Miss Our “Solving The Hidden Assets Challenge” Webinar?

Hidden assets can be a challenge for facilities teams. View this free video webinar on demand and learn how your team can retain knowledge and streamline operations.

Job Order Contracting: Accelerating the Projects that Matter

This proven single-solicitation process accelerates project delivery while satisfying local bidding requirements. Learn all about Gordian’s JOC solutions .

Receive the latest articles in your inbox

Share to...