Businesses Increasingly at Risk From Insider Threats

More than half of organizations regularly experience unusual behavior by privileged users, such as administrators accessing data they should not.

skyhigh and it security

On average, organizations experience 5.1 incidents each month in which an unauthorized third party exploits stolen account credentials to gain access to corporate data stored in a cloud service, according to a report from Skyhigh Networks.

The study, derived from analysis of actual cloud usage across more than 23 million employees, found 89.6 percent of organizations experience at least one insider threat each month, which is up from 85 percent for the same quarter last year.

In addition, 55.6 percent of organizations experience unusual behavior by privileged users, such as administrators accessing data they should not, each month.

"While small businesses may consider themselves too small to be targets, almost all businesses have documents that are considered sensitive – like customer data or business information they want to keep from competitors," Kamal Shah, senior vice president of products and marketing at Skyhigh, told eWEEK. "Small businesses are much less likely to have a chief information security officer or other form of IT security leadership. They’re also less likely to have a plan of action in place to respond to a data breach."

Shah says the first step is education, and he explained security education functions best when it is a seamless part of the user experience, which he called just- in- time training.

"For example, if IT blocks access to a service or uploads to a specific high risk service, be transparent about why that behavior violated security policy," he said. "Most employees want to do the right thing when it comes to information security, so security education should provide them with the resources to make smart choices regarding data security."

The study also found 28.1 percent of employees have uploaded a file containing sensitive data to the cloud and the average organization shares documents with 849 external domains through these services.

Of all documents stored in file sharing services, 37.2 percent are shared with someone other than the document’s owner, 71.6 percent of shared documents are shared internally with select users, and 12.9 percent of shared documents are shared with all employees within an organization.

"The most concerning finding is that insider threats, exploited accounts, and data exfiltration collectively account for over 16 security incidents per month at the average organization," Shah said. "Similarly, the high percentage of organizations that have suffered from such an incident – nearly 90 percent for insider threat alone – shows that these issues are widespread across companies and industries. Companies may not be equipped to differentiate malicious usage from employees’ normal behavior as they get their work done."