Over half of organizations experienced an insider threat in 2022

Image via Pixabay

Gurucul’s 2023 Insider Threat report results indicate insider threats are a top concern at organizations of all kinds: 3% of respondents surveyed were not concerned with insider risk.

With responses from over 325 cybersecurity professionals, the report explores the latest trends and challenges organizations are facing as they work to adapt to changing insider threats, and how organizations are preparing to better protect critical data and IT infrastructure.

The report found that three-quarters of respondents said they feel moderately to extremely vulnerable to insider threats — an increase of 8% over the previous year. This rise in perceived vulnerability coincides with a significant increase in insider attacks as 74% of organizations report that attacks have become more frequent (a 6% increase over last year), with 60% experiencing at least one attack and 25% experiencing more than six attacks.

Organizations are also struggling with insider threats in the cloud and often don’t have the necessary technical capabilities in place to detect and prevent them. Eighty-seven percent of organizations consider unified visibility and control across all apps, devices, web destinations, on-premises resources and infrastructure to be moderately to extremely important. However, less than half (48%) monitor for unusual behavior across their cloud footprint and the web. Furthermore, over half of respondents said that detecting insider threats is harder in the cloud and that uptime and performance of tools like SASE and CASB is vital to success.

Some additional key stats from the report include:

The top factors that make timely detection and prevention of insider attacks difficult include trusted insiders that already have credentialed access to apps, networks and services (54%), the increased use of SaaS apps that can leak data (44%) and an increase in personal device use with access to corporate resources (42%).
Among all potential insiders, cybersecurity professionals are most concerned about IT users and admins with far-reaching access privileges (60%). This is followed by third-party contractors and service providers (57%), regular employees (55%) and privileged business users (53%).
The rising threat of insider attacks is a strong driver for organizations to implement formal insider risk programs. Thirty-nine percent of organizations already have an insider threat program in place. Another 46% are planning to add insider threat programs in the future — a rise of 5% over the prior year.
The shift to hybrid and remote work has aggravated insider risk. Sixty-eight percent of security pros are concerned or very concerned about insider risk considering a post-Covid return to the office or a permeant hybrid work model.

To download the entire “2023 Insider Threat Report” click here.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.