In the report, Insider Threats Drive Data Protection Improvements, Forrester Research asserts that most organizations are making positive steps toward protecting the sensitive data they are migrating to the cloud. However, Forrester suggests that many have not devised a comprehensive plan that addresses a primary obstacle to data security, internal cybersecurity threats.
In this post, we give you Forrester’s seven most critical findings regarding insider threats and suggest a new way of thinking about data security so you can have the solutions on hand to dramatically reduce your risk.
1. 58 percent of sensitive data incidents are caused by insider threats.
Insider threats are not all the same. Some insider threats come from non-malicious mistakes, and some come from deliberately malicious actions, but if you are breached all that matters is you have been compromised. In any case, the data strongly suggests that insider threat risk is a critical problem that organizations must address.
2. 82 percent of organizations do not have an insider risk management strategy or policy.
Given the proportion of security incidents caused by insider threats, this data is concerning. Organizations that do not prioritize policies to neutralize insider threats often point to insufficient internal expertise or budget constraints as the reason. But this is only part of the story. Thirty-one percent of organizations simply do not regard insiders as a substantial threat to cybersecurity. Another 30 percent cite organizational indifference and lack of executive buy-in to an insider risk management strategy as factors.
3. 65 percent of organizations train employees to follow data loss policies, opting for a check-box compliance approach.
One thing we have learned from studying years’ of data breaches, it’s that the vast majority of breached organizations were in compliance with data management regulations. “Checking off boxes” using traditional approaches has lulled many organizations into a false sense of security, particularly with regard to insider threats.
4. 64 percent of organizations believe they have adequate solutions in place.
Given that over 80 percent of organizations do not have policies that address insider threats directly, this data point suggests that far fewer organizations actually have adequate solutions. Organizations need to take a fresh look at their solution and assess more realistically if it really protects their data or is just so much “cybersecurity theater”. For a reality check to determine the security of your data from insider and external risk, ask within your organization if you know who’s accessing it, what they’re doing with it, why they need it, where they’re accessing it from, when they’re accessing it, and which servers they’re using. If you don’t have this information, your solution is not protecting data adequately.
5. 55 percent of organizations say end users have devised ways to circumvent their data protection.
Often DevOps teams need to spin up and take down cloud databases to accelerate testing and development. They may populate testing and search tools with unprotected sensitive data, then forget about it. This unfortunately is a reality of operations today and creates serious security risks and why a PWC report said 30 percent of companies admit their employees are their greatest source of security risks. This data also suggests that checkbox training is not working.
6. 52 percent of organizations don’t prioritize insider threats like external threats.
A deeper dive into what’s really happening would give organizations pause to rethink this. Many organizations offer little more than a static set of guidelines included in a handbook that they hope people read, which leads to a greater risk of insider threats. CSO Online reported 94% of malware is delivered by email and phishing attacks account for more than 80% of reported security incidents. More than a quarter of US employees admit to having problems in identifying a phishing email. Security teams must provide continuing education on best practices as threat vectors change.
7. 45 percent of organizations experienced more than 10 employee security policy violations from late 2020 into 2021.
Digital organizations must train employees to do their part in protecting sensitive data or this number is sure to rise in 2022 and beyond. There are dozens of tactics that organizations can use to make it harder for bad actors to breach architectures using an unwitting insider. It is critical to make these tactics part of an overall data security strategy.
Do you want to share these facts with your colleagues in an easy to use PDF? Download this handy infographic.
Click here to download the full Forrester report.
Reduce the risk of insider threats using Imperva Data Security Fabric
A solution that enables visibility at the data layer gives you the capacity to proactively manage insider and external risks, detect constantly changing threats, and provides the foundation for a comprehensive data protection strategy. Your team should be able to see all the data on a single, unified platform and – as new data sources are added – your solution should be able to scale up to onboard them no matter where that data resides.
In addition to creating cost savings from dramatically improved insider (and outsider) threat mitigation, the comprehensive data protection that the Imperva Data Security Fabric provides will improve the alignment of teams within your enterprise, reduce negative brand impact, and drive better security culture within your enterprise.
Imperva Data Security Fabric (DSF) provides centralized data security across legacy and modern cloud environments by automating detection, protection, and risk response for all data across multi cloud and hybrid environments. Imperva DSF makes it easier for customers to understand and mitigate data risk at every step of their security journey across structured, semi-structured, and unstructured data.
Learn more by contacting your Imperva Account Representative.
Try Imperva for Free
Protect your business for 30 days on Imperva.