Thales Blog

Going Global With The Vormetric Insider Threat Report

January 22, 2015

The Most Dangerous Insiders

While news about the malicious hacking trade and the actions of elusive cyber-criminals continues to grab headlines, the third of our annual Insider Threat reports confirms that the risk posed by those legitimately ‘inside the fence’ continues to top business data security concerns. Of course, there can be no denying that the breadth and depth of private and public sector breaches in the past few years that have resulted from trusted insiders turning rogue or being compromised by perpetrators of APTs and the like indicate that there is a major disconnect when it comes to organisations’ handling of data security – and, crucially, how they manage their privileged users.

Find the report, and other interesting materials, here: Insiderthreat 2015

[Figure: The Spectrum of Insider Threats]

Two years ago our 2013 Insider Threat report found that only 27 percent of US organisations block privileged user access to sensitive data, whereas our 2014 European version of the report saw that number basically double. This year, it looks like the shadow of Edward Snowden continues to hang heavy over many businesses, with 55 percent of global respondents claiming that privileged users remain one of the biggest threats to their organisation. It is high time businesses took heed of these numbers and put the necessary data protection measures in place to control and monitor the actions of these powerful users.

[Figure: Failing to secure their data]

This year’s report highlights some really interesting regional data protection variations, some of which were influenced by particular situations. My American colleagues will do a better job at explaining the intricacies of the data security landscape on their side of the pond, but one useful example to pluck out of the report is that, in the States, 33 percent were looking to do more to protect company-sensitive data as a direct result of seeing the damage caused to a competitor following a security breach. This was 5 percent above the global average. It’s fair to anticipate that the swathe of headlines about data breaches experienced by American citizens – whether that’s shoppers of Target or students at University of California, Berkeley – has started reverberating up at the board level, and that there is a recognition that no organisation is safe. There’s also something to be said of the legal costs and regulatory fines being significantly higher in the US – an approach that we can anticipate being mimicked here in Europe once the new EU Data Protection legislation is enacted.

Drilling down into the data, it’s worth noting that concerns about the threat posed by insiders are higher here in the UK compared to our German counterparts. 40 percent of UK companies said they had suffered a significant data breach or failed a compliance audit in the last year and, as a result, 51 percent reported that they were looking to increase spending on security and data protection in the year ahead. On the flip side of that, the research also shows a marked difference in attitudes towards where data is most at risk – 58 percent of German enterprises consider data held at the database level to be most at risk, file servers come in a close second and cloud is third on the list. For the UK, only 38 percent believe server data is most at risk, a massive 20 percent below Germany (and significantly below the US figure of 47 percent).

That said, it’s fair to call out that the German approach to data protection is on the whole ‘proactive’ rather than ‘reactive’: 44 percent of German organisations are looking to increase their spending in the area, with the top priority for 55 percent being the protection of intellectual property (IP). It’s safe to assume that the sophisticated, insider-led breach at Vodafone Germany last year – wherein personal data on 2 million customers was compromised – must have had an effect on security posturing in the country. The German case also highlights an interesting point about cloud computing and concerns about data sovereignty in the country – it indicates that they have a more restrictive view on the use of cloud-based services. This is something we industry professionals should also bear in mind as the Dublin Microsoft case unfolds.

Now, as a member of the sales team here in Europe, it would be remiss of me not to acknowledge how security spending is likely to change in the year ahead. It’s interesting to see that 54 percent of global respondents state that they will increase spending to offset the threat. The inappropriate or unauthorised access and theft of confidential company or customer data is simply no longer acceptable. Not least when solutions exist that allow you to restrict access to sensitive information while still giving employees the tools they need to perform their work – namely, transparent encryption coupled with deep-level security intelligence. As our CEO Alan Kessler states, “businesses wishing to protect themselves must take a data-centric and data-first approach.”