Insider Risk

One million six hundred ninety-one thousand reasons to look inside

By Veriato Team

We recently sponsored our second significant research effort aimed at helping understand the scope and nature of insider threats. Much like the first, this effort includes some key takeaways:

  1. Insider attacks are on the rise – 62% of security professionals who took part in the survey believe insider attacks have become more frequent in the last 12 months. I think it’s ok to ask whether insider attacks are actually on the rise, or simply, finally, getting the type of attention that the seriousness of the problem warrants.
  2. >Insider attacks are costly. – Survey respondents estimate the cost of remediating a successful insider attack at some $445,000. From the just about 1/4 of respondents who bravely acknowledged experiencing an insider attack(s), we learned that the average number of known insider attacks per organization in the last 12 months was 3.8. We’ll leave the math to you the reader. Suffice to say that rapid detection of an insider attack, with response aimed at shutting the threat down, can save a lot of money.
  3. Budget priorities are not aligned – Only 34% expect their insider threat management budget to increase in the coming 12 months. More than 10% actually believe their budgets will go down.
  4. Insider attacks are difficult to detect and prevent – When asked how difficult it is to detect and prevent, 62% said insider attacks are more difficult than external attacks. This makes sense for multiple reasons. First, an overwhelming majority of budgeted dollars go towards defending against external attacks as compared to internal. All that firepower breeds confidence. Second, insider attacks are by their very nature difficult to deal with. So many of the steps an outside adversary would need to execute to get at sensitive data or systems are not needed when an insider in involved. Fewer steps = fewer opportunities to get caught. Third, the question asked about both detection and prevention. How do we prevent someone who has the keys to our house and our alarm code from entering it when we aren’t home and rifling through the drawers?

When it comes to insider attacks, our focus needs to be on detection. Because if we can detect a problem we can respond to it. Don’t let the daunting nature of trying to figure out how to prevent or paralyze you from taking action that will help secure your company.

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

Is Employee Monitoring Software Worth The Investment?

Is Employee Monitoring Software Worth The Investment?

Key Takeaways: Employee monitoring software offers detailed insights into employee activities, enhancing productivity and bolstering data security. Choose the right software based on features, cost, integration capabilities, and scalability to align with specific...

How To Choose The Right Employee Monitoring Software

How To Choose The Right Employee Monitoring Software

Remote work is becoming increasingly common, and data breaches are a constant threat. The importance of employee monitoring software has never been more pronounced. For businesses looking to safeguard their digital assets while optimizing workforce productivity,...

UEBA: Revolutionizing Security With Advanced Analytics

UEBA: Revolutionizing Security With Advanced Analytics

Key Takeaways: Behavior-Focused Security: UEBA revolutionizes cybersecurity by analyzing user behavior patterns, providing a dynamic approach to detecting anomalies and potential threats. Flexible and Adaptable: Scalable for any organization size, UEBA integrates with...