Fifty-eight percent of sensitive data security incidents are caused by insider threats, according to a recent study by Forrester Research. Insider threats come from improper use of legitimate authorized user accounts. These accounts – assigned to internal employees and business associates – are either misused by the rightful owner or exploited by an external threat actor who has navigated through perimeter controls.
Forrester Research’s late 2021 paper, commissioned by Imperva, is titled Insider Threats Drive Data Protection Improvements. The objective of the paper was to assess how companies protect data in response to insider threats as part of a broader strategy to more effectively manage the growing attack surface. The information was obtained through a survey of 464 security and IT professionals responsible for managing and responding to insider threats.
In this article, we’ll summarize Forrester’s findings that suggest why this number is alarming. In future blogs, we will discuss the costs of insider threats and explain how a simple, unified approach to establishing comprehensive data visibility is essential to creating an automated and scalable data protection strategy that closes the gaps in data security for both on-premises and multi-cloud data repositories.
Internal threats are perceived as less urgent than external threats
According to the Forrester report, one of the reasons insider threats make up the majority of security incidents is that nearly a third (31%) of organizations don’t believe insiders are a significant threat. Leadership teams recognize the risks and yet still fail to promote an appropriate level of urgency. This lack of priority has a cascading effect; fewer than 30% of companies report having an internal risk management strategy or policy.
It’s understandable that many organizations focus first on the perimeter and the endpoint. Strong network and endpoint security, combined with vulnerability lifecycle management toolsets and a mature security operations center are key to reducing overall risk. However, with internal events occurring more often than external events according to the report (58% vs. 41%), it is clear that a richer data security strategy is needed.
When asked how they plan to address the number of policy violations, breaches, and compromised credentials, between 29% and 37% of organizations say they are looking to acquire new security tools to fill their current gaps regarding the unauthorized use of identifying information. Additionally, most decision makers report using internal resources rather than hiring a third party to help with security.
Speed of cloud adoption
Another challenge is the rapid migration of workloads to the cloud. 77% of Forrester survey respondents say they will move sensitive data to private clouds in the next two years. It makes sense. The cost-effective pay-as-you-go models and scalable database capabilities offered by cloud environments make them a smart budget choice for businesses, even though the move has significant implications for cybersecurity strategy. While adopting secure, easy-to-implement cloud environments improves employee productivity and business efficiency, Forrester reports that 44% of organizations struggle to protect sensitive data using legacy technologies that don’t integrate well with enterprise cloud solutions.
Additional data beyond the Forrester study supports these findings. Gartner predicts that cloud-native platforms will underpin more than 95% of new digital initiatives by 2025 and Crowd Research Partners reports that 84% of enterprises say traditional security solutions don’t work in cloud environments.
Until security can catch up, many companies are faced with the reality of their cloud migration programs slowing down or being put on hold. That’s not always an option, however. They may be aware of the risks, but remain complacent because the need to innovate takes precedence.
Users who circumvent security policies
Forrester reports that nearly 64% of companies surveyed believe they have the data security solutions and technology to fit their needs. However, the same report reveals that 55% also say that end users have found ways to circumvent their data protection policies.
Why are end users bypassing security policies? Here is a scenario. To innovate quickly, DevOps teams and DBAs often need to start and stop cloud databases for testing. They can fill test and research tools with unprotected sensitive data, then forget about it. This unintended behavior is the reality of operations today and creates serious security risks. To combat this problem today, Forrester reports that 35% of enterprises rely on corporate security compliance, a third deploy behavior analytics to detect malicious threats, and nearly half manually monitor or audit employee activity periodically.
Is that sufficient? A PwC report reveals that 30% of companies say their employees are their biggest source of security risk. A balance of technology and awareness is probably the right answer. Forrester’s report shows that 43% of internal security incidents result from misuse or malicious intent, 39% from misuse or unintentional accident, and 18% from both. Over a 12-month period from the end of 2020 to 2021, 44% of companies experienced more than 10 policy violations.
Why Addressing the Insider Threat Imbalance is Critical
Attackers who leverage legitimate credentials can be more damaging to data security than outside threats. Organizations looking to reduce data security risk need to be resilient in the face of rapid cloud adoption and users circumventing security policies. They should also work to convert the internal perception that this threat vector is low urgency and use it as the driver for an improved data protection strategy.
Insider threats are a threat vector that comprises 58% of Forrester study participants’ sensitive data incidents. Yet only 37% of respondents say they have dedicated insider threat teams. This imbalance represents a significant gap that, when closed, will reduce risk to your organization.
*** This is a syndicated blog from the Security Bloggers Blog Network written by Bruce Lynch. Read the original post at: https://www.imperva.com/blog/how-insider-threats-drive-better-data-protection-strategies/