A survey of chief information officers at Fortune 1000 companies by security and information management firm Nuix has found that whilst insider threat programs inside organisations are becoming increasingly important in combatting today’s cyber threats, this issue may not yet have the attention it deserves.
Given the high-profile nature of these businesses, it’s surprising that 30% of respondents reported having no kind of insider threat program or policy. However, 21% attributed some of their security team’s spending increases to additional protections against internal hazards and 14% reported allotting 40% or more of their budget to insider threats.
Also highlighted in this report was the challenge of knowing what an insider threat is in the first place, although when asked to define the term there was a clear theme among the responses, featuring the words “malicious,” “internal,” “authorized,” and “inappropriate.” One financial institution CISO noted: “All threats are insider threats; once a hacker enters the company’s environment, it becomes an insider threat.” “Not all insider threats are mischievous,” countered another financial institution CISO. Those nuances characterized many of the other explanations, which varied to include the following simple and complex descriptions:
One insurance executive explained that individuals interpreted “insider threats” according to their roles in the organization. “If you speak with individuals in physical security, it could be a disgruntled employee with a weapon,” he said. “For those in finance, it could be an employee with high-level credentials secretly moving money or accessing intellectual property to endanger the company’s competitive landscape.”
There’s certainly greater awareness of insider threats thanks to the public profiles of Chelsea Manning and Edward Snowden. It’s also easier than ever to steal information: you can just copy key files onto a thumb drive in seconds. And finally, is there the possibility that the theft of internal records has become culturally more acceptable?
WALLIX offers solutions that give privileged users in your organization secure access to servers and devices, and give you complete visibility and auditing of their actions, helping you to meet compliance requirements and keep data secure.