BYOD Drives Increase in Insider Threats

Over three-fifths of IT professionals believe that insider threats are more difficult to spot than attacks by malicious third parties, with the explosion in mobile endpoints a key challenge, according to Dtex.

The security vendor polled over 400 IT pros to compile its 2017 Threat Monitoring, Detection & Response Report.

Nearly half (48%) claimed that detecting and mitigating insider threats is one of the top two challenges facing IT security teams today, with 51% claiming that the threat grew last year.

In total, just 6% said that detecting internal attacks is easier than spotting external threats, highlighting the scale of the challenge facing security teams.

Most insider threats come about not as the result of a determined employee, but negligence, the report found. Nearly two-thirds (64%) of respondents cited inadvertent data breach/compromise as their top insider concern.

That’s why more than half (57%) pegged end-user training as the best way to mitigate the insider threat.

The challenge is compounded by an increasingly mobile workforce that can connect to the corporate network via their BYOD mobiles.

Some 55% of survey respondents claimed this to be behind a rise in insider attacks over the past year, followed by 51% who pointed to data leaving the network perimeter via mobile devices and web access.

The bad news is that less than a third (30%) said they felt confident in their organization's insider threat security posture, and just 37% in their organization’s overall security posture.

Dtex Systems CEO, Christy Wyatt, claimed humans are the weakest link for organizations as businesses struggle to pinpoint ways to detect the moment when an insider becomes an insider threat.

“Existing employee training protocols, malware detection tools, antivirus platforms and SIEMS alone lack context to reliably detect insider vulnerability,” she added.

The news follows a Haystax Technology report in March which claimed that three-quarters (74%) of organizations feel vulnerable to insider threats.

A SANS Institute study released earlier this month co-sponsored by Dtex actually ranked malicious insiders (40%) as more damaging than accidental or negligent staff (36%).

What’s Hot on Infosecurity Magazine?