61% of Companies Have Suffered an Insider Attack in the Past Year

  • 50% of businesses find it harder to detect insider threats after migrating to the cloud
  • Customer data is the most vulnerable to insider attacks
  • The average cost of remediation after an insider attack is anywhere between $100,000 and $2 million

Insider threats pose a significant danger to any organization. This danger is exacerbated as the global pandemic forces a shift to cloud applications and remote work. According to a new report, 50% of businesses find it harder to detect insider threats after migrating to the cloud.

54% of IT professionals in a Bitglass survey said customer data was the most vulnerable to insider attacks.

“This is sensible given the massive compliance and privacy concerns associated with customer information, as well as the fact that it is desirable for malicious parties looking to sell it to make a profit,” researchers wrote.

22% suffered six insider incidents in the last year

Loss of critical data and disruption to operations are the most commonly cited repercussions of insider attacks. 61% of those surveyed experienced an insider attack in the last 12 months and 22% reported at least six insider incidents.

Half of IT pros said a week typically goes by before insider attacks are detected. 44% said that it would take another week or more to recover from such an attack.

“By preventing breaches in a proactive fashion, organizations are able to save significant sums of money that would otherwise be used for legal fees,compliance penalties, and reclaiming their reputational footing,” researchers said.

32% of surveyed organizations calculated that the cost of remediation after an insider attack averages anywhere between $100,000 and $2 million.

“With 73% of respondents saying that their security budgets are staying flat (57%) or decreasing (16%) next year, organizations are being tasked to do more with less,” the report says.

Unsurprisingly, the same survey revealed that 81% of organizations find it difficult to assess the impact of insider attacks, as most firms lack the needed levels of visibility and control. The top three barriers to insider threat management are lack of budget (61%), lack of staff (41%), and lack of tools (38%). These results are echoed in countless studies analyzing the state of insider threats in recent years.

IT pros want single agent / single console solutions to unify their cybersecurity efforts

88% of respondents recognized the importance of unifying security across apps, devices, on-premises resources, infrastructure and the web. But as many as 61% admitted they were in dire need of a solution to unify their cybersecurity efforts. Instead, they are tasked with managing multiple, disjointed solutions that provide varying levels of protection.

Furthermore, 82% of organizations can’t guarantee that they can detect insider threats stemming from personal devices. And half of organizations don’t have visibility into messaging and file-sharing apps on BYOD endpoints.

“In order to thrive in a highly remote and dynamic business environment, organizations must ensure that they are deploying sound security solutions,” according to the report. “These tools must stop insider threats, extend secure access to sensitive data, and be performant, scalable, and cost effective–around the clock and across the globe. Unfortunately, many organizations are still struggling to deploy security platforms that can meet the demands of modern business.”

Addressing user generated risk

As we’ve elaborated before in Securing the Human Layer – The First Sane Step Towards Achieving a Strong Cybersecurity Posture, the primary hole to plug before addressing other facets of cybersecurity is user-generated risk.

First on the list of recommendations from Bitglass researchers is just that. Decision makers must harden their cybersecurity with user behavior analytics that uses machine learning to baseline user behavior and identify suspicious departures from the norm.

Unlike traditional endpoint security solutions whose poor prevention makes them noisy and complex to operate, BitdefenderGravityZone Ultra offers the world’s most effective protection integrated with low overhead Endpoint Detection & Response (EDR), Endpoint and User Behavior Risk Analytics in a single-agent, single-console architecture.

By incorporating advanced protection, risk analytics and hardening innovations, Bitdefender helps minimize the endpoint attack surface, making it hard for attackers to penetrate. Choosing GravityZone also means you can reduce the number of vendors while compressing the time it takes to respond to threats via an integrated security stack. Learn more here.