Insider Attacks Rise, Though Some Businesses Unaware of Risk
The SpectorSoft report found fewer than half of organizations have appropriate controls to prevent insider attacks.A majority (62 percent) of security professionals say insider threats have become more frequent in the last 12 months, but only 34 percent expect additional budget to address the problem, according to a report from security specialist SpectorSoft. The report also found fewer than 50 percent of organizations have appropriate controls to prevent insider attacks, with privileged users, such as managers with access to sensitive information, posing the biggest insider threat to organizations (59 percent). Less than a quarter (22 percent) of respondents saw no rise in insider attacks over the last 12 months, and 45 percent were unsure if they had been attacked or not. "Any security related question that is met with an 'I don't know' answer means there is danger," Mike Tierney, chief operating officer of SpectorSoft, told eWEEK. "It's not surprising that these respondents are unsure. Insider threats are difficult to detect, and without focused detection efforts, there will continue to be a blind spot when it comes to the threats posed by insiders. And these threats are very real, very serious and potentially very damaging."
Tierney said insider threats are more difficult to detect for a couple of reasons, as the overwhelming majority of security budgets and efforts are directed at defending the perimeter.