The Insider Threat report, conducted by analyst firm Ovum and sponsored by Vormetric, also shows that the nature of insider threats has shifted to include malicious privileged insiders as well as the compromise of privileged user accounts by advanced malware.
Focusing on just those responses from IT decision-makers at financial services organizations in France, Germany, and the UK (a total of 92 responses), the research reveals how firms in the financial sector are evaluating their exposure to insider threats, and the steps they are taking to mitigate the risks. For instance, controlling legitimate network access by third-party contractors is a primary concern within the sector. Other types of users that were isolated as posing the biggest threat to financial organizations include privileged users such as IT and network administrators (43%), and non-technical employees with legitimate access to sensitive data and IT assets, also at 43%.
“The definition of a ‘privileged user’ has changed massively in recent times – to encompass anybody with the necessary credentials to view and modify data across corporate networks, including contactors,” said Paul Ayers, vice president of EMEA at Vormetric, in a blog.
The report also found that cloud computing technology was a big concern, with 45% of European financial organizations finding insider threats harder to detect because of increasing use of cloud resources. These organizations have long used cloud resources to enhance their raw compute power for analyzing financial markets and investments, but continue to grow cloud usage in other areas as well.
“These organisations have used cloud technologies to increase flexibility and gain a competitive edge for a very long time now, and with the pace of today’s technological advancement, security should no longer be an inhibitor to adoption,” Ayers said. “As cloud providers bolster their defences to meet enterprise security needs, it has become possible to embrace new IT models such as cloud computing without comprising the integrity of the data that you hold.”
The report also details concerns with big data initiatives, a technology area where financial services firms are leading adopters. About 69% of European financial services organizations cited the security of reports from big data projects that may include sensitive data as their leading big data concern.
Nonetheless, “organizations are moving ahead with big data implementations – both to drive business advantage and to enhance security,” said Matt Asay, vice president of marketing and business development at MongoDB, a company whose technology supports big data implementations and a partner of Vormetric.
The good news is that 76% of financial services organizations surveyed said that they plan to increase spending specifically to address insider threats. The top driver for this spending increase is compliance (45%), with protecting reputation and the implementation of best practices the next greatest areas of concern.
“Typically, financial services firms’ very business is built on generating and processing the kind of data that cybercriminals dream of,” said Alan Kessler, CEO at Vormetric. “You may remember the case of the Korean Credit Bureau in January this year, when financial data belonging to a staggering 20 million South Koreans – 40% of the country’s entire population – was stolen as a result of insider theft. In this instance a third-party contractor tasked with improving security systems is thought to have smuggled the data out using USB sticks, later selling the information to phone marketing companies. Organizations are struggling to know exactly who has access to what data at any one time – if you don’t know this you can’t make any assurances of its security.”