Insider Threats: Painful Lessons Learned
When a government agency or business suffers a major breach, much of the subsequent attention focuses on the outside hackers who penetrated cyber defenses to access networks and steal valuable data. But one of the most important lessons we learned in the past year was this: In the vast majority of large breaches that occurred, there was a strong insider related component.
That’s one of the key insights from a Vormetric blog post by Andy Kicklighter, Director of Product Marketing for Vormetric. Andy writes:
If it wasn’t a traditional insider, as in the Korean Credit card breach where 40% of Korean’s data was stolen or when Bradley Manning breached confidential intelligence records, it was a privileged user who managed systems like Edward Snowden using their position to gain access to sensitive data, or the Sony and Target hacks, where privileged user credentials were compromised and used to steal sensitive data.
Andy reviews the results from the Vormetric Insider Threat Reports of 2013 and 2014, finding that porous security perimeters are now the rule. Analysts across the board say that it’s no longer a question of “If” you will be breached, but “When.” Andy writes:
But people in our industry still haven’t fully absorbed this change. They still believe that their traditional perimeter defenses will protect them.
Vormetric’s reports from 2013 and 2014 also show that organizations had not yet fully absorbed the fact that their privileged users are their most risky employees. Given the major breaches of the past year, Andy expects that the 2015 report will show a higher awareness of the privileged user risk.
Shortly after Andy posted his blog, Vormetric released its 2015 Vormetric Insider Threat Report. The report is based on survey responses from more than 800 senior business managers and IT professionals in major global markets, roughly half from the US and the rest from the UK, Germany, Japan and ASEAN countries. You can read the report here.
Stay tuned for more cybersecurity insights from Vormetric on the Cyber Attack Defenders blog.
In the meantime, you can read the full Vormetric blog post here.