Insider Threat Report Reveals Mismatch Between Security Fears and Spending
New research suggests that within US organizations, the possibility of insider threats tops all worries.
The Insider Threat Report, conducted in conjunction with Ovum and Vormetric, said that insider threats today have shifted to include both traditional insiders with access to critical data as part of their work, as well as privileged users and attacks that seek to compromise credentials to gain access to data such as Advanced Persistent Threats (APTs). Focused on enterprises, the report details concerns, the status of protection today, and organizations plans to offset insider threats as well as highlighting the responses of European organizations against their U.S. counterparts.
The report reveals how both European and U.S. organizations prioritize cloud security, data accessibility, privacy violations and compliance requirements as well as strong differences in approach and attitude to the problem. Contrasts between European and U.S. organizations include:
- Three percent of U.S. organizations felt safe versus nine percent in Europe and 47 percent felt vulnerable versus 25 percent Europe
- But U.S. organizations were less prepared to spend money to address the problem, with 66 percent of European organizations planning to increase budgets to offset the threat versus 54 percent in the U.S. And with both sides admitting that compliance is the primary driver for these spending increases.
- European organizations seem to have some reason to feel more secure Nearly half of European respondents constantly monitor access to sensitive information, compared to only 29 percent of US enterprises
- 39 percent of European businesses are concerned with abuse of access rights to their data, compared to 63 percent of U.S. respondents six months ago.
"As large-scale breaches, APTs, and Snowden-related discussions dominate the news cycle, it is clear that insider threats are among the most prominent IT security issues facing organizations today, a feeling which is reflected within the findings of our report," said Andrew Kellett, lead analyst for the Ovum IT Security team.