Organisations are feeling the pressure from insider threats and are ramping up detection, prevention and remediation, according to a global study from Haystax Technology.
“One consistent message we heard in all of these interviews was that cyber security professionals don’t feel equipped to stop insider attacks, despite an increase in funding for things like better controls and training,” said Haystax CEO Bryan Ware. “I’m not surprised that so many are now using analytics, as they need actionable intelligence to proactively identify and defend against threats from both malicious insiders and negligent users.”
>See also: How to manage and mitigate insider threats?
In 2017, 90% of organisations reported feeling vulnerable to insider attacks, up from 64% in 2015. Haystax predicts 99% of organisations will feel vulnerable this year as they struggle with excessive access privileges and an increasing number of devices with access to sensitive data.
Privileged users were cited as the biggest insider threat concern for 55% of organisations in 2017. Haystax predicts that 2018 will be the year when regular employees surpass trusted insiders as the greater risk.
Just 19% of organisations deployed user behavior analytics (UBA) solutions in 2016 to proactively monitor employee populations, a figure that jumped to nearly 30% last year. Haystax predicts that number will jump to 40% this year as AI techniques enhance UBA technologies.
In 2015 half of organisations were not leveraging analytics to detect insider threats; now, that figure has shrunk to just 8% as organisations see the inherent value of UBA technologies for insider threat detection, prevention and remediation.
Investments in insider threat solutions have grown significantly since 2015, when just 34% of organisations increased their investment in combating insider threat. That figure rose to nearly 50% in 2017 and Haystax experts predict it to jump to nearly 60% this year, as companies grow more concerned about the rise in the volume and frequency of both external and insider attacks.
This will be a watershed year for insider threat, one that will require increased spending related to addressing insider threats, as well as the adoption of analytical tools to prevent, detect and remediate such attacks.