Why organizations feel vulnerable to insider attacks
More than half of cybersecurity professionals believe detecting insider attacks has become harder since the migration to the cloud.
Many organizations focus their security efforts on defending themselves against outside threats such as hackers, malware, and denial-of-service attacks. And certainly those types of threats pose a danger and should always be on the radar of security professionals.
But insider attacks can often be just as dangerous, if not more so, thus also requiring the attention of IT staff and other personnel. Such attacks can occur maliciously by employees looking to hurt the company through theft or sabotage. But they can also occur accidentally as a result of employees making mistakes or inadvertently leaking data.
Security professionals usually understand the risks of insider attacks, but many feel their organizations are more vulnerable to them, according to a study released on Wednesday as produced by Cybersecurity Insiders and sponsored by Securonix.
SEE: IT leader’s guide to reducing insider security threats (TechRepublic Premium)
Based on a survey of more than 300 cybersecurity professionals, the “2019 Insider Threat Report” found that 70% of the respondents were concerned about inadvertent insider breaches, such as a careless user causing an accidental breach. Some 66% were worried about negligent data breaches triggered by users ignoring company policy but without a malicious intent. And 62% were concerned about malicious incidents from users willfully trying to harm the company.
Insider attacks occur for various reasons. Asked to comment on the motivations for these types of attacks, 57% of the respondents pointed to fraud, 50% to monetary gain, and 43% to the theft of intellectual property….