View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 7, 2013

Majority of organisations fail to block privileged user access to sensitive data

Vormetric 2013 Insider Threat Report finds 76% of unauthorised data access going undetected.

By Claire Vanner

New research from Vormetric has revealed that there are major gaps between existing security processes and the technologies currently in place to address insider threats.

The Insider Threat Report, conducted in conjunction with Enterprise Strategy Group, surveyed more than 700 IT security decision-makers, focusing primarily on large enterprise organisations.

The report found that only 27% of respondents block privileged user access to data, a proven method of mitigating insider attacks, while 66% of respondents use perimeter focused network intrusion detection and prevention tools to identify and prevent insider threats. However, it is well understood that these tools weren’t designed for insider threat detection but to protect from external threats.

"The data is clear – IT decision-makers are concerned about insider threats and data breaches, but tend to rely on perimeter and network security focussed tools today, rather than securing the data at its source," said Jon Oltsik, senior principal analyst at Enterprise Strategy Group.

"What this research highlights is that large organisations need a data-centric security strategy. Insider attacks are increasingly difficult to prevent and detect, and the research findings reveal the need for a change in approach."

The more forward looking and sophisticated organisations were using technology approaches that are proven protections against malicious insiders, or malware attacks that compromise insider credentials such as APTs, but were in the minority.

Only 40% are monitoring privileged user activities, with just 27% blocking privileged user access. Nearly half of organisations only review sensitive data access monthly and a startling 76% admit to not being proficient at detecting anomalous data access behaviour in real-time

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Yet the results also show that many enterprises still focus protections toward the legacy perimeter approach. Network traffic monitoring is the most-used tool to identify and prevent data breaches at 56%. Two thirds use, or intend to use, Intrusion Detection/Prevention Systems to supplement network traffic monitoring and detect and prevent insider attacks.

However, attitudes and protection plans are changing, with 45% of organisations reporting that Edward Snowden has caused them to be more aware of insider threats and 53% are increasing their security budgets to offset the problem in the next year.

Many of those investments will go into additional protections for data, with 78% either already using or planning to use data encryption and an additional 70% already using or planning to use data access controls.

"It’s clear that organisations of all kinds are concerned with securing access to sensitive data," said Alan Kessler, CEO of Vormetric. "While many of the respondents are using more of the right security technologies and tools to help reduce their attack surface, a much larger group is falling short in taking the additional step to protect from insider threats and thwart attacks such as APTs that steal insider credentials."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.