An overwhelming majority of IT professionals, surveyed by Spectorsoft, regarding their experiences with the prevention and detection of insider threats within their organizations said they are unable to detect or deter insider threats. This leaves the organizations vulnerable to fraud, data breaches and IP theft.
Sixty one percent of respondents said they do not have the ability to deter an insider threat. Another 59% admitted they do not have the ability to detect an insider threat, while, 75% stated that they do not have the ability to detail the human behavioral activities of an insider threat. These last two statistics are surprising, since insider threats originate from some type of human criminal behavior.
Even more alarming, 61% of respondents do not believe they are adequately prepared to respond to insider threats.
The nature of insider threats—an authorized person misusing his or her authorization—makes it difficult to detect such attacks and protect against them. While the percentage of insider threats has stayed broadly consistent in the last 10 years, the total number of such attacks has increased dramatically, resulting in $2.9 trillion in employee fraud losses globally per year.
In the U.S. alone, the most recent year on record, organizations suffered $40 billion in losses due to employee theft and fraud—but chances are that even more fraud went undetected.
Evidence suggests that just 10% of employees account for 95% of incidents, which indicates that the vast majority of employees are trustworthy. But it's hard to know who these employees are and how to prevent threats, especially because, according to the 2014 Verizon Data Breach Investigations Report, "most insider misuse occurs within the boundaries of trust necessary to perform normal duties."
According to the Verizon report, some of the top industries facing insider threats are real estate, transportation and manufacturing. However, all industries are at risk if they do not have the proper precautions in place.
Insider espionage targeting internal data and trade secrets is becoming a bigger issue, with more and more companies having their sensitive data exposed as a result of not being in a position to deter, detect and detail malicious behavior.
Privilege abuse, unapproved hardware/software (BYOD), email misuse and data mishandling are some of the behaviors putting companies at risk, the report concluded.
In correlation with these statistics, the results of the SpectorSoft survey reveal that organizations are facing a number of obstacles when it comes to dealing with insider threats. The number-one inhibitor cited, according to 55%, was a lack of available technology solutions.
Half of the respondents claimed not to have the budget needed to support such initiatives, and about a third of respondents stated that a lack of staffing and training prevented them from being adequately prepared to respond to insider threats.
Nearly half (49%) of respondents believe that detecting insider threat behavior is most important to their organization in terms of prevention. Deterring insider threat behavior was cited as the second biggest priority (41%), and detailing insider threat human behavior lagged behind at 10%.
When responding to insider threats, the majority (69%) believe a prevention-centered approach is most important, whereas 31% believe a detection-centered approach is most important.
"These statistics paint a bleak picture when it comes to securing company data against insider threats," stated Rob Williams, chief marketing officer at SpectorSoft. "With so many data breaches happening, C-level executives are coming to the realization that their jobs could be on the line if company data isn’t protected. Proper defense must include a comprehensive security solution, and with humans involved, education is just as key. The market is ripe for a new approach to internal security."