Connect with us

Hi, what are you looking for?


Data Protection

Organizations Ill-Prepared to Combat Insider Threats: Survey

According to a recent survey of hundreds of IT security professionals, most organizations have significant security holes when it comes to protecting themselves against insider threats.

According to a recent survey of hundreds of IT security professionals, most organizations have significant security holes when it comes to protecting themselves against insider threats.

In the survey, conducted by SANS on behalf of employee monitoring firm SpectorSoft, 32 percent of respondents said their firms do not have the ability to prevent an insider attack.

Mitigating Insider Threats

Free Resource: Discover how user behavior analytics can analyze current and historical data from hundreds of sources to use as a basis for discovering abnormal behavior that could indicate a possible security breach.

Download Now

While a majority (74 percent) of respondents said they’re concerned that their own insiders could be detrimental to their organization, most are failing to take the required steps to remedy the problem. Disturbingly, 44 percent did not know how much their organization was spending to address insider threats.

“Although organizations know insider attacks pose a salient threat, spending on insider threat defenses falls short,” SpectorSoft said. “Without a comprehensive understanding of what they are spending to prevent the problem, it is likely that organizations also will not know what insider threat defenses they lack or where they can invest further to fill in security gaps and bolster protection against a potential insider attack.”

“While it’s good to see that a strong majority of security professionals are concerned about the dangers posed by insider threats, I was struck by the fact that investment in solutions that can help does not appear to be keeping pace with that concern. I believe a key action item called out by the survey data is that increased focus on, and investment in, addressing the concerns is required,” said Mike Tierney, COO for SpectorSoft.

The survey also indicated that many IT security professionals are in the dark on the possible damage that can be caused as a result of data being exposed by the hands of a malicious insider.

Advertisement. Scroll to continue reading.

More than 52 percent of survey respondents said they don’t know what their losses might amount to – and what it would be worth should it become publicly exposed or fall into the wrong hands.

According to SpectorSoft, the causes behind these security gaps are numerous, with respondents citing lack of training, lack of budget and lack of internal staff as the three most significant reasons for lack of insider threat defenses.

However, the survey revealed that in addition to budget and staffing woes, 28 percent of all respondents claim that insider threat detection and prevention is not even a priority in their organizations.

More than half of respondents (66 percent) said their organization either does not have an insider response plan or has no incident response plan at all.

It is no surprise that insider threats are challenging to detect, and two-thirds (66 percent) of survey respondents claim they have never experienced an insider attack.

“The 34 percent of respondents that admitted to having an insider breach are likely the tip of the iceberg,” SpectorSoft said. “Without dedicated technologies and focus to address the problem, these attacks will likely continue to fly under the radar.”

“Whether the attacker is a malicious insider or an adversary that has hijacked a legitimate user’s identity, the challenge is the same – discovering suspicious activities performed by a user already within your network and with legitimate credentials,” experts from security firm Fortscale explained in a recent white paper“Organizations require advanced tools to transform their massive amounts of event and log data into effective and actionable user threat detection intelligence.” 

The survey (PDF), “Insider Threats and the Need for a Fast and Directed Response,” was conducted between December 2014 and January 2015. 772 IT security professionals representing a broad spectrum of industries and sizes, including the technology, government, financial, education and healthcare sectors, participated in the survey.

Resource: Successfully Utilizing User Behavior Analytics to Mitigate Insider Threats

Case Study: How a Major Online Retailer Enhanced Visibility into Threats With User Behavior Analytics

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cybersecurity Funding

CommandK announced that it has raised $3 million in a seed funding round for a solution designed to help organizations secure sensitive data.