Privileged inside users pose one of the greatest security risks to organizations worldwide, according to Vormetric’s 2015 Insider Threat Report (ITR).
Vormetric polled 818 IT decision makers in various countries, including 408 in the United States. Domestically, 93 percent said their organizations were more vulnerable to insider threats. In addition, 59 percent of U.S. respondents believe privileged users pose the most threat to their organizations.
Preventing a data breach ranked as the highest or second highest priority for IT security spending for 54 percent of all survey respondents. More than half (54 percent) of global respondents said they will increase security spending to offset the threat in the coming year.
In the U.S. 46 percent of respondents said they believe cloud environments pose the greatest risk for data loss while 47 percent said they believe databases are at the greatest risk.
“To us it looks like people are unsure about targeting their spending to decrease the threat. We think that this confusion reflects an indictment of the IT security industry as a whole, because so many of these areas don’t directly protect data, and take into account the porous, distributed nature of today’s enterprise environments,” Alan Kessler, CEO of Vormetric, told eWEEK.. “We’re not doing enough as an industry to help customers understand the best solutions to the problem.”
Forty-four percent of U.S. respondents say their organization had experienced a data breach or failed a compliance audit in the last year, and 34 percent of U.S. respondents say their organizations are protecting sensitive data because of a breach at a partner or a competitor.
According to the report, despite a rash of data breaches among organizations that were considered compliant, 59 percent of global respondents found compliance standards to be “very” to “extremely” effective.
More than half (55 percent) of global respondents believe privileged users are the biggest threat. In the U.S., that number is slightly higher, with 59 percent citing privileged users.
While 46 percent of U.S. respondents believe partners with internal access pose the second-highest threat, global results point the finger at contractors and service providers.
The top 3 reasons for protecting sensitive data among those polled globally are implementing best practices (38 percent), reputation and brand protection (51 percent) and compliance requirements (50 percent).
“For the first time, organizations seem to realize that compliance isn’t their biggest problem – data breach protection is. In previous surveys, compliance always was rated the top driver for protecting data,” Kessler said. “This year, preventing data breaches, contractual requirements, and protecting intellectual property all scored better than in previous surveys.”