Most Companies are ill-prepared to protect themselves

Most Companies are ill-prepared to protect themselves

An overwhelming majority of global organizations are admittedly ill-prepared to handle the steady increase in insider threat activity, according to research conducted by Cybersecurity Insiders and announced by Securonix, the leader in Unified Defense SIEM.

The “2024 Insider Threat Report,” commissioned by Securonix, reveals the concerns of nearly 500 global cybersecurity professionals about the nature of insider threat challenges, including growing concerns over malicious insiders, shifts to hybrid work environments and the difficulties in detecting insider threats. The report found that while 76% of organizations have detected increased insider threat activity over the past five years, less than 30% believe they are equipped with the right tools to handle them. Just as concerning is that only 21% of respondents said they had a fully implemented and operational insider threat program, which highlights the inability for most organizations to effectively identify and mitigate internal security risks.

“Insider threat management programs are most successful when they receive strong support from executive leadership. This level of leadership is essential for prioritizing resources and navigating the complex technical and privacy challenges across various regions,” said Findlay Whitelaw, Field CTO, of Securonix. “Despite its importance, many cybersecurity professionals feel their organizations fall short in this area. As insider attacks continue to rise, business leaders must empower their teams to develop a security-conscious culture that encourages employees to take a proactive stance against insider threats.”

According to the report, 90% of respondents said insider threats are more or as difficult to detect and prevent than external attacks. While negligent employees and unwitting accomplices to external threats are the greatest sources of insider risk, the research indicated a shift in the perception of insider threats over the last five years. The survey data showed that 74% of cybersecurity professionals are most concerned with malicious insiders within their organization in 2024, which is an increase of nearly 25% when compared to responses from 2019.

“Effectively detecting and defending against insider threats requires an understanding of the different types of insider threats: malicious, inadvertent, and negligent,” said Holger Schulze, CEO and Founder, Cybersecurity Insiders. “With that knowledge in hand, the report shows cybersecurity professionals can develop sophisticated insider threat programs that have a balance of understanding human behaviour, comprehensive employee training, and proactive strategies that deploy the proper tools, including advanced behaviour analytics.”

Additional key findings from the report include:

  • Global cybersecurity professionals indicated the main drivers and enablers of insider attacks are insufficient employee training and awareness (37%), globalization and adoption of new technologies (34%), inadequate security measures (29%), complex IT environments (27%), and disgruntled insiders (25%).
  • More than 75% of organizations report an increasing prevalence of ransomware and triple extortion techniques in their environments, highlighting a growing cybersecurity threat. Information disclosure (56%) and unauthorized data operations (48%) are also leading concerns, emphasizing the importance of data-centric security measures and robust identity and access management controls.
  • The challenges of securing distributed, less controlled environments led to 70% of respondents expressing concern about insider risks in hybrid work environments.
  • A majority of respondents (75%) are concerned about the impact of emerging technologies, such as AI, the Metaverse, and quantum computing, on insider threats, including their misuse and the potential to amplify threat capabilities.
  • Companies are chiefly concerned with the loss of financial data (44%) and customer data (41%), pointing to concerns over direct monetization for threat actors and loss of personally identifiable information (PII), respectively.

Securonix helps organizations improve their insider threat detection, investigation and response practices. Its behavior-based approach allows organizations to identify suspicious insider activities even before impacts materialize, providing the ability to take a more proactive stance against these threats.

To see the “2024 Insider Threat Report,” including a full analysis of the data from Cybersecurity Insiders and Securonix, visit: https://www.securonix.com/resources/2024-insider-threat-report/

 

 

Vertiv Outlines Best Practices of High-Density Cooling for Data Centers

Vertiv Outlines Best Practices of High-Density Cooling for Data Centers

Mahmoud Abdelmoneim, Sales Director for Middle East, Turkey & Central…
How Generative AI Accelerates Digital Transformation

How Generative AI Accelerates Digital Transformation

Lori MacVittie, F5 Distinguished Engineer discusses the impact of…
Maintaining Balance Between Performance and User Experience

Maintaining Balance Between Performance and User Experience

Gaurav Mohan, VP, SAARC & Middle East, NETSCOUT, discusses that…
Microsoft reveals Top Three teams for Imagine Cup!

Microsoft reveals Top Three teams for Imagine Cup!

Today marks a pivotal moment in the 2024 Imagine Cup as Microsoft reveal…
OPPO collaborates with startups for tech advancements

OPPO collaborates with startups for tech advancements

Today, with 150 million startups worldwide and another 50…
TikTok awards women entrepreneurs in Riyadh

TikTok awards women entrepreneurs in Riyadh

TikTok MENA celebrated the conclusion of the second edition of…