Dealing With Insider IT Security Threats Requires New Approaches

 
 
By Chris Preimesberger  |  Posted 2014-04-10 Email Print this article Print
 
 
 
 
 
 
 
 

The threat of insider tampering with data systems is a constant worry for IT managers. Such threats, currently on the rise, are caused by employees or associates (including contractors and partners) of an organization who either maliciously or accidentally put their organizations and data at risk. Most expensive, high-profile breaches are the result of attack techniques used inside the network; therefore, the threat extends to outsiders who have obtained the legitimate credentials needed to gain access and conduct malicious activities that cause operational harm and steal data. New-gen IT, including the implementation of cloud and big data projects, adds the opportunity for data theft due to the distributed nature of such systems. Regulatory and compliance issues are also driving the requirement to provide better protection against insiders and those who comprise trusted employees. This eWEEK slide show—consisting of data gathered by Ovum Research and compiled by Tina Stewart, marketing vice president at security specialist Vormetric—presents 10 key metrics regarding the landscape of insider IT threats in early 2014.

 
 
 
  • Dealing With Insider IT Security Threats Requires New Approaches

    by Chris Preimesberger
    1 - Dealing With Insider IT Security Threats Requires New Approaches
  • Servers and Databases Still Main Targets

    Servers and databases continue to hold the bulk of each organization's structured and unstructured data assets and are responsible for the vast majority of high-profile data breaches. Controlling mobile devices is a concern because of their ever-growing use within operational environments, but the main issues when related to inside threat activity is how these devices are used as the source of access to data held in corporate servers and data centers.
    2 - Servers and Databases Still Main Targets
  • Few Organizations Feel Safe From Insider Attacks

    When asked how safe they felt their organizations were to the threat of insider attacks, a mere 9 percent of European IT managers and security professionals who responded to the 2014 Vormetric Insider Threat Report said that their organizations were safe from attack; 26 percent said they felt vulnerable. Although a significant proportion of IT security budgets are spent on data protection, access control and user monitoring technology, companies still don't feel totally safe.
    3 - Few Organizations Feel Safe From Insider Attacks
  • Nearly Half of U.S. Respondents Felt Vulnerable to Insider Attacks

    A substantial 47 percent of U.S. respondents to the Ovum/Vormetric survey said they felt vulnerable to insider attacks. The European country feeling most vulnerable to these threats was Germany at 33 percent, with France and the U.K. both returning figures of 23 percent and 22 percent, respectively.
    4 - Nearly Half of U.S. Respondents Felt Vulnerable to Insider Attacks
  • C-Level Management Should Be Worried

    Insider threats are the most difficult to detect. Senior IT and business managers worry that these activities often do not show up on their security radar and are likely to go undetected. They also have significant concerns about everyday users, third-party business partners, contractors and service providers with their shared-access rights.
    5 - C-Level Management Should Be Worried
  • Employees' Use of Operational Assets Now a Major Concern

    When European organizations were asked who posed the biggest internal threat to corporate data, almost half said everyday users; the next largest group was third-party service providers, followed by IT administrators and other IT staff. The top issues raised were about how best to keep tabs on and control users with legitimate access to sensitive company data and IT assets.
    6 - Employees' Use of Operational Assets Now a Major Concern
  • Another Worrisome Area: Privileged-User Management

    While in general being positioned as feeling less vulnerable than their U.S. counterparts, Europeans had greater anxiety about the theft of privileged-user credentials, compromised credentials and abuse of access rights. U.S. organizations agreed that privileged-user access abuse was important but were also worried about other employees and physical theft.
    7 - Another Worrisome Area: Privileged-User Management
  • Regulatory Compliance on Insider Threat Protection Is Costly

    European organizations are planning to make increases in their information security budgets over the next 12 months because of insider threats. Two-thirds plan to increase their security budgets, and of the overall respondents, 23 percent were looking to achieve significant budget increases as a direct consequence of insider threats. In mid-March 2014, the European Union voted overwhelmingly to add further new data protection laws, adding further compliance pressure.
    8 - Regulatory Compliance on Insider Threat Protection Is Costly
  • High-Level Insider Threat Protection Still a Key Imperative

    Traditional data protection, including the use of signature-based anti-malware products, continues to be thought of as the most effective means of addressing insider threats. This represents a misalignment between the data protection and user access vulnerabilities that exist within organizations and the security solutions. Organizations generally provide a broad-brush protection strategy against everyday malware attacks but do not have the capability to deal with targeted and advanced attacks that bypass traditional defenses.
    9 - High-Level Insider Threat Protection Still a Key Imperative
  • More Enterprises Focusing on Use of New Security

    Enterprises moving to the cloud are testing new IT security with better service-level commitments and liability terms for data breaches caused by service providers or other customers of the cloud providers, encryption of the organization's SaaS/cloud data with local control maintained over encryption keys, and detailed physical and IT architectural implementation information being made available.
    10 - More Enterprises Focusing on Use of New Security
  • What This All Signifies

    Existing security products and strategies are hindering, rather than helping, organizations. They remain vulnerable and need to do more to deal with insider threats that range from misuse of resources to targeted and malicious advanced persistent threats. They are often hindered by the fragmented security solutions that have been deployed to protect valuable data assets. What is required and often missing, due to legacy and cost-of-replacement issues, is an integrated platform approach to user and data protection.
    11 - What This All Signifies
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel