Insider threats are more difficult to detect and prevent than external attacks, and are a major threat to businesses,
Insider threats are a major security concern for organizations, as even those tasked with protecting a company’s data may put it at risk, according to a new survey from Gurucul.
Of the 320 IT professionals surveyed, one in 10 said they would take as much company information with them as possible before leaving their job, the whitepaper Uncover Insider Threats through Predictive Security Analytics stated. Another 15% of IT pros said they would delete files or change passwords upon exiting a company.
As most organizations are focused on detecting and defending against external cyberthreats and hackers, insider threats may be the larger issue, the whitepaper said.
Security professionals report that insider attacks are more difficult to detect and prevent than external ones: Another survey found that 91% of IT and security professionals said they feel vulnerable to insider threats, whether their acts are malicious or accidental. Some 73% of IT professionals surveyed in yet another report said they believe insider attacks have become more frequent in the past year.
Most organizations still use manual processes built upon static identity management rules and roles, the Gurucul paper noted, giving users access to information they do not need for their job, and the ability to abuse that information. Insider threats can also arise when employee credentials are shared or stolen, which can often go undetected, the paper said.
« By combining user and entity behavior analytics, and identity analytics, companies can not only monitor, detect and remove excess access before it is too late, but they can also monitor employee actions by detecting unusual or risky behavior, » Craig Cooper, COO of Gurucul, said in a press release. « By detecting when users are acting in ways that contradict their normal behavior and job function, our customers are able to intervene. »