Insider Compromises, Cloud Dominate Enterprise Data Threats

Insider threats continue to threaten enterprises, with 89.6% of organizations experiencing at least one insider threat each month—up from 85% for the same quarter last year.

According to Skyhigh Networks’ quarterly Cloud Adoption and Risk Report, derived from analysis of actual cloud usage across over 23 million employees, the “insider threat” bucket includes behaviors that unintentionally expose an organization to risk, such as mistakenly sharing a spreadsheet with employee Social Security numbers externally. They also include malicious activity, such as exfiltrating proprietary data.

The report also found that the average organization experiences 9.3 insider threats each month, while 55.6% of organizations experience unusual behavior by privileged users, such as administrators accessing data they should not, each month.

Meanwhile, slightly more than half of all organizations experience account compromises each month. Many business-critical cloud services support multifactor authentication, and companies can reduce their exposure to account compromise by enabling this feature; yet, on an average, organizations experience 5.1 incidents each month in which an unauthorized third party exploits stolen account credentials to gain access to corporate data stored in a cloud service.

Earlier research by Skyhigh showed that 92% of companies have cloud credentials for sale on the dark web.

In order to extfiltrate stolen data from on-premises systems of record, hackers are increasingly turning to public cloud services; the average organization experiences 2.4 cloud-enabled data exfiltration events each month, and the average incident involves 410.0 MB of data.

On a related note, the percentage of documents that are shared via file-sharing services hit an all-time high in the third quarter of 2015. Of all documents stored in file sharing services, 37.2% are shared with someone other than the document’s owner.

While enhanced collaboration between colleagues and business partners is a positive development, the ease with which data can be shared also carries the risk that a sensitive file may be unintentionally shared too broadly or outside the organization, violating company policies.

Accordingly, the report found that 28.1% of employees have uploaded a file containing sensitive data to the cloud.

What’s Hot on Infosecurity Magazine?