Most Companies are Vulnerable And Lack the Strategies to Protect Themselves

An overwhelming majority of global organizations are admittedly ill-prepared to handle the steady increase in insider threat activity, according to research conducted by Cybersecurity Insiders and announced by Securonix, the leader in Unified Defense SIEM.

The “2024 Insider Threat Report,” commissioned by Securonix, reveals the concerns of nearly 500 global cybersecurity professionals about the nature of insider threat challenges, including growing concerns over malicious insiders, shifts to hybrid work environments and the difficulties in detecting insider threats. The report found that while 76% of organizations have detected increased insider threat activity over the past five years, less than 30% believe they are equipped with the right tools to handle them. Just as concerning is that only 21% of respondents said they had a fully implemented and operational insider threat program, which highlights the inability for most organizations to effectively identify and mitigate internal security risks.

“Insider threat management programs are most successful when they receive strong support from executive leadership. This level of leadership is essential for prioritizing resources and navigating the complex technical and privacy challenges across various regions,” said Findlay Whitelaw, Field CTO, of Securonix. “Despite its importance, many cybersecurity professionals feel their organizations fall short in this area. As insider attacks continue to rise, business leaders must empower their teams to develop a security-conscious culture that encourages employees to take a proactive stance against insider threats.”

According to the report, 90% of respondents said insider threats are more or as difficult to detect and prevent than external attacks. While negligent employees and unwitting accomplices to external threats are the greatest sources of insider risk, the research indicated a shift in the perception of insider threats over the last five years. The survey data showed that 74% of cybersecurity professionals are most concerned with malicious insiders within their organization in 2024, which is an increase of nearly 25% when compared to responses from 2019.

“Effectively detecting and defending against insider threats requires an understanding of the different types of insider threats: malicious, inadvertent, and negligent,” said Holger Schulze, CEO and Founder, Cybersecurity Insiders. “With that knowledge in hand, the report shows cybersecurity professionals can develop sophisticated insider threat programs that have a balance of understanding human behaviour, comprehensive employee training, and proactive strategies that deploy the proper tools, including advanced behaviour analytics.”

Additional key findings from the report include:

  • Global cybersecurity professionals indicated the main drivers and enablers of insider attacks are insufficient employee training and awareness (37%), globalization and adoption of new technologies (34%), inadequate security measures (29%), complex IT environments (27%), and disgruntled insiders (25%).
  • More than 75% of organizations report an increasing prevalence of ransomware and triple extortion techniques in their environments, highlighting a growing cybersecurity threat. Information disclosure (56%) and unauthorized data operations (48%) are also leading concerns, emphasizing the importance of data-centric security measures and robust identity and access management controls.
  • The challenges of securing distributed, less controlled environments led to 70% of respondents expressing concern about insider risks in hybrid work environments.
  • A majority of respondents (75%) are concerned about the impact of emerging technologies, such as AI, the Metaverse, and quantum computing, on insider threats, including their misuse and the potential to amplify threat capabilities.
  • Companies are chiefly concerned with the loss of financial data (44%) and customer data (41%), pointing to concerns over direct monetization for threat actors and loss of personally identifiable information (PII), respectively.

Securonix helps organizations improve their insider threat detection, investigation and response practices. Its behavior-based approach allows organizations to identify suspicious insider activities even before impacts materialize, providing the ability to take a more proactive stance against these threats.

To see the “2024 Insider Threat Report,” including a full analysis of the data from Cybersecurity Insiders and Securonix, visit: https://www.securonix.com/resources/2024-insider-threat-report/