Code42 has released new research showing employees take more risks with data than employers think, leaving organisations open to insider threat.
Some key points:
- Over two-thirds (69%) of organizations say they were breached due to an insider threat and confirm they had a prevention solution in place at the time of the breach.
- Over three-quarters (78%) of information security leaders – including those with traditional data loss prevention (DLP) – believe that prevention strategies and solutions are not enough to stop insider threat.
- Over three-quarters (78%) of CSOs and 65% of CEOs admit to clicking on a link they should not have, showing that no level of employee is immune to lapses in judgement
- Nearly two-thirds (63%) of survey respondents admit to bringing data from past employers to their new jobs
HelpNetSecurity has covered the report here: https://www.helpnetsecurity.
This research confirms what many already know. Point solutions are not cutting it anymore, especially for insider threats. A more comprehensive insider threat program is required. One which combines as many different data sources as possible across an organization and which can link behaviors from multiple feeds back to a single entity. Once this is done machine learning should be applied to identify anomalous and risky behavior and deliver the insight is a simple way with as much context as possible.
Providing a correlated, risk prioritized view for analysts to respond to as well as integrating with other solutions via automation capabilities is one of the key ways to handle insider threat. Although let’s be clear insider threat is not just about deploying technology it’s about using that technology to drive processes and education.