Browse by year:
February - 2015 - issue > CXO View Point
Alan Kessler
Thursday, February 5, 2015
A core element in every one of the recent financially motivated hacks and nation-state attacks (like the one that affected Sony Entertainment are insiders or their compromised credentials. Employees with legitimate access, service providers or contractors that maintain infrastructure and privileged users are all both possible actors, and potential attack vectors when their credentials are compromised.
The last 12 months have seen continuous loss of data as organizations globally have had to publicly admit their security shortcomings. But recent headlines have made data breaches a larger board level concern.

In conjunction with Harris and Ovum, Vormetric recently delivered its third Insider Threat Report. Global findings include:
- Globally 89 percent of organizations are vulnerable and only 11 percent reported that their organizations were safe.
- The last 12 months have seen a continuous flow of high-profile organizations reporting that their security has been breached, including data theft by employees and others with insider status. According to the report, over 40 percent of organizations reported that they had either experienced a data breach or failed a security audit in the last year.
- In the US over one in five organizations reported that they had experienced a data breach (22 percent), and 33 percent were looking to do more to protect company-sensitive data as a direct result of seeing the damage caused to a competitor following a security breach.
- 93 percent of U.S. respondents said their organizations were somewhat or more vulnerable to insider threats.
- 46 percent of U.S. respondents believe cloud environments are at the greatest risk for loss of sensitive data in their organization, and 47 percent believe databases have the greatest amount of sensitive data at risk.
The good news? The situation is not hopeless. Organizations should limit business system, partner and employee access to corporate data to no more information than they need to fulfill their specific roles.

For far too long, system administrators and business users with privileged access to the most sensitive corporate data have had open access, with few controls placed on their rights of entry. Understandably, concerns over privileged user access are at the top of the agenda for most senior managers. They now understand the damage that a rogue user with admin rights can do, and they recognize that if this type of user is not properly monitored and controlled, the damage can be far-reaching.

Ultimately, the types and needs of users that should be taken into account when putting together an insider threat protection strategy are diverse and continue to grow. Employees, business partners, suppliers, service providers, contractors and malicious outsiders can each put corporate data at risk. It's high time we enforced controls that maintain the right levels of accessibility.

Share on LinkedIn