Haystax: Prioritized Risks, Actionable Intelligence

Insider Threat 2018 Report

The most comprehensive research on the topic to date.

Insider Threat 2018 Report

The most comprehensive research on the topic to date.

Haystax Technology reached out to Crowd Research Partners to leverage Cybersecurity Insiders’ 400,000 member online community to conduct an in-depth study of Security & Risk professionals to reveal how they are dealing with risky insiders and how organizations are preparing to better protect their critical data and IT infrastructure.

This report delivers fresh insights, reveals the latest trends, and provides actionable guidance on addressing insider threats.  Interestingly and very different than last year’s report, the responses from across 478 organizations that participated in the study shows that the most damaging security threats are not originating from malicious outsiders or malware but from trusted insiders.

Key Survey Findings

  • Ninety percent of organizations feel vulnerable to insider attacks. The main enabling risk factors include too many users with excessive access privileges (37%), an increasing number of devices with access to sensitive data (36%), and the increasing complexity of information technology (35%). 
  • A 53% majority have confirmed insider attacks against their organization in the previous 12 months (typically less than five attacks). Twenty-seven percent of organizations say insider attacks have become more frequent.
  • Organizations are shifting their focus on detection of insider threats (64%), followed by deterrence methods (58%), and analysis and post breach forensics (49%). The use of user behavior monitoring is accelerating; 94% of organizations deploy some method of monitoring users and 93% monitor access to sensitive data.

  • The most popular technologies to deter insider threats are Data Loss Prevention (DLP), encryption, and identity and access management solutions. To better detect active insider threats, companies deploy Intrusion Detection Prevention Solutions (IDPS), log management and SIEM platforms. 
  • The vast majority (86%) of organizations already have or are building an insider threat program. Thirty-six percent have a formal program in place to respond to insider attacks, while 50% are focused on developing their program.