Bomgar has announced the findings of its 2018 Privileged Access Threat Report, a global survey that explores the visibility, control, and management that IT organisations in the U.S. and Europe have over employees, contractors, and third-party vendors with privileged access to their IT networks.
This year’s report found that external threats are not the main concern for IT professionals, but rather breaches that are linked to vulnerabilities caused by staff or third-party vendors operating within an organisation’s own network. In fact, 43% of organisations claimed to have suffered a serious information security breach or expect to do so in the next six months, due to third-party and insider threats. Additionally, 64% of organisations claimed that they could have already experienced a breach due to third-party access in the last 12 months, and 59% due to insider credentials.
The report also found that problematic employee behaviour continues to be a challenge for a majority of organisations. Writing down passwords, for example, was cited as a problem by 57% of organisations. Colleagues telling each other passwords was also a big problem for 50% of companies, for example.
Highlight UK statistics from the report include:
- 59% of organisations have possibly or definitely suffered an insider related breach in the last year
- 64% of organisations have possibly or definitely suffered a breach due to third-party access
Insider threats
- Organisations are either very or fairly concerned about insider credentials being used for malicious purposes, whether intentionally (60%) or through phishing (62%)
- 64% of organisations share administrator passwords between employees
- 60% of organisations are worried that employees could misuse sensitive data for personal gain
- 50% of employees tell colleagues their passwords
- 57% of employees write down passwords
- 53% send files to personal email accounts
- 56% download data onto external memory drives
Third-party threats
- 71% of organisations reported up to or more than 20% increase of third- party vendors
- 64% possibly or definitely suffered a breach due to third-party access
- 43% of organisations only give on/off access to third-party vendors
- 66% of organisations think that too heavy reliance on third party vendors is a moderate and significant risk to their organisation
Please find full report here: http://bit.ly/2EQz26f which also covers the stats globally.
[su_box title=”About Bomgar” style=”noise” box_color=”#336588″][short_info id=’60880′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.