Haystax Technology, a leading security analytics platform provider, is today releasing an industry survey, titled Insider Attacks, that provides new data and insights into the current state of the insider threat problem and how organizations are dealing with it.
Despite spending increases and investments in deterrence tactics and detection tools, the survey shows that insider threats continue to cause harm to all types of organizations. It suggests that although funding is increasing, inadequate resources are being allocated to some key components of insider threat mitigation, such as predictive risk analytics. This lack of analytics investment comes at a price, as insider attacks continue to be costly.
“Ask any cybersecurity specialist to name the biggest security threat to an organization and they’ll tell you it’s people,” said Haystax Technology CEO Bryan Ware. Yet despite increased funding on insider threat programs, he added, the problem shows no signs of abating. “Training programs and network controls are important, but without analytics that produce actionable intelligence, organizations are often left in the dark until after an insider does damage.”
Using crowd-based research collected in partnership with the 300,000+ member Information Security Community on LinkedIn and Crowd Research Partners, the Haystax study found nearly three-quarters (74 percent) of organizations feel vulnerable to insider threats, a significant seven-percent increase over last year’s survey. Of the organizations that are investing in insider threat mitigation, 61 percent are focusing mostly on deterrence (e.g., access controls, encryption, policies, etc.) and 49 percent on detection (e.g., monitoring, intrusion detection systems, etc.) — while 35 percent employ forensics and analysis systems like security information and event management (SIEM) tools.
Most survey respondents (67 percent) indicate that because insiders already have credentialed access to their networks and services, they are much more difficult to detect and deter than external threats. But only 42 percent of organizations say they are regularly monitoring user behavior, while 21 percent do none at all.
Insider threat detection has improved, with 46 percent of respondents believing they could detect an attack within a day at most. What’s more, 68 percent are confident in their ability to recover from an attack in a week or less, up 20 percent over last year’s survey. However, three-fourths estimate remediation costs could be up to $500,000, with the other 25 percent believing costs could exceed that amount — and perhaps reach into the millions of dollars.
With the goal of mitigating all types and levels of insider threat, the Haystax Constellation Analytics Platform™ delivers advanced security analytics and risk-management solutions that enable rapid understanding and response to virtually any type of cyber or physical threat. Following an investment last year from Fishtech, Haystax Technology is experiencing accelerated growth in 2017 as the leading platform provider in security analytics and insider threat.