Rapid Adoption of Cloud and Mobile Drives Insider Threats

The applications most vulnerable to insider threats include cloud storage and file sharing as well as collaboration and communication applications.

bitglass and it security

The average data breach lasts 205 days or nearly seven months, yet only 11 percent of organizations believe it would take them as long as six months or more to detect an insider threat, according to a Bitglass survey of IT and security practitioners.

The survey found 62 percent of respondents have seen an increase in insider threats over the last 12 months. Respondents indicated that as more data leaves the network through cloud apps and mobile devices, the inability to protect these environments is a top reason for the growth of insider threats.

Respondents listed the top sources of insider threats as insufficient data protection (54 percent), more data leaving the network (51 percent) and more devices with sensitive data (51 percent).

"The biggest surprise was the amount of overconfidence most respondents have in their ability to detect and stop breaches," Rich Campagna, Bitglass’ vice president of products, told eWEEK. "Only 11 percent of respondents think it would take them as long as six months or more to detect an insider threat, yet on average, it takes nearly seven months for detection."

Seventy percent of respondents said determining the actual damage of insider threats is difficult, and a discouraging 45 percent of enterprises had no idea how many insider threats actually occurred in their organization during the last year.

The applications that are most vulnerable to insider threats include cloud storage and file sharing; (44 percent); collaboration and communication applications (43 percent), and finance and accounting applications (38 percent).

"Cloud and mobile are both presenting challenges to enterprises, as data moves beyond the reach of traditional security products in both cases," Campagna said. "The survey shows that 75 percent of organizations are not monitoring user activity in the cloud, leaving a lot up to chance. Tools like cloud access security brokers can close this gap and provide the visibility and control needed."

The data most vulnerable to insider threats are customer data and intellectual property (both 57 percent), followed by employee data (45 percent), and financial data (43 percent).

"As more and more data moves beyond the firewall, protection and detection strategies will evolve to cover environments that haven't historically been securable," Campagna noted.

A May survey by the company found that misuse of employee credentials and improper access controls top the list of concerns about public cloud security. Unauthorized account access (63 percent), hijacking of accounts (61 percent) and malicious insiders (43 percent) were the top three issues reported.