Image: iStock/LucasSG83
When IT professionals think of threats to their organizations the focus is usually put on the outside: hackers and malware are the main problem―right?
A new report from cloud security company Bitglass suggests something entirely different: the biggest threats are coming from inside organizations. In fact, one out of every three companies experienced a breach due to internal security failures in the past year.
Before you start seeing corporate espionage, moles, and spies everywhere it's worth investigating the report : it's not all as malicious as you think.
It's coming from inside the building!Nearly three-quarters of tech professionals surveyed are worried about insider attacks, and nearly the same amount say it's not a problem of malicious intent―it's all about carelessness.
More about IT SecurityGovernments and nation states are now officially training for cyberwarfare: An inside look
Europe, Canada, USA, Australia, and others are now running training exercises to prepare for the outbreak of cyberwar. Locked Shields is the largest simulation and we take you inside.
Read moreBYOD, mobile devices, cloud computing, and remote work policies are changing the face of business faster than IT departments can keep up. Every single machine that leaves the office with access to internal files or drives is a potential spy, and 62 percent of IT professionals feel that employees lack adequate training to understand that risk.
SEE: Information security policy (Tech Pro Research)
Unsurprisingly, the report found that 56 percent of those surveyed thought that insider attacks had increased in the past year. That makes sense considering the rise of BYOD and cloud computing: whether accidental or malicious it's easier to leak data when you can access it from anywhere at any time.
Why insider threats are getting worseThe long standing focus on external security has left internal systems a bit neutered, at least according to 66 percent of respondents: they feel less prepared to deal with an insider attack than one from the internet.
When asked why they thought existing security policies were ineffective a majority of those surveyed agreed: privileged users were the biggest threat. This could include super users, those who weren't properly removed from the system on termination, staff who have changed departments, or anyone else with appropriate―or inappropriate―access. In short, if someone can access important data they're a greater risk.
User analytics are a valuable tool in fighting internal attacks, but there's one big problem: while 56 percent of companies are gathering user data only 15 percent are performing behavior analysis, which is where anomalous behavior is going to be detected.
How you can keep the spies at bayThe report found that most IT pros are focusing on three areas: the writing and enforcement of security policy, identity and access management, and encryption. Users need to know what they should and shouldn't do, everyone's access needs to be tightly controlled and tracked, and every piece of hardware that accesses the network needs to be properly secured and encrypted.
SEE: Malware downloaded every 81 seconds, says new Check Point security report (TechRepublic)
IT departments with a large enough budget should consider investing in user behavior anomaly detection, or at the very least investigating how useful it may be to their organization. Stopping an internal leak can only be done if it's identified quickly―every second counts.
Let's face it: BYOD and the cloud aren't going away. We're inching toward a new era in tech where more and more sensitive information is going to be floating in the digital ether, and that means more challenges for data security professionals. Proactive, preventive solutions are the only way to stay ahead of the game.
The 3 big takeaways for TechRepublic readers One in three businesses experienced an internal attack in the past year, and 74 percent of respondents feel vulnerable to insider threats. Nearly three-quarters of respondents believe inadvertent leaks are the primary concern. Lack of understanding security, unsecured WiFi, and stolen devices are where the real threats are. 60 percent of IT professionals think privileged users are the biggest threat. Counter that with proper training, access management, and device encryption.