See our insider threat predictions for 2018 based on data from nearly 1,500 companies that participated in a multi-year research study on insider attacks.
In 2018, 99% of organizations will report feeling vulnerable to insider attacks.
In the most recent 2017 study results, 90% of organizations reported feeling vulnerable to insider attacks. The main enabling risk factors include too many users with excessive access privileges (37%), an increasing number of devices with access to sensitive data (36%), and the increasing complexity of information technology (35%).
Regular employees are surpassing privileged users as biggest insider security risk.
Security professionals have a unique responsibility to detect, counter and respond to cyber attacks. This job becomes more challenging when threats come from within the organization from trusted and authorized users. It is often difficult to determine when users are simply doing their jobs, as opposed to actually doing something illegal or unethical.
The 2017 survey indicated that regular employees and privileged IT users had roughly the same level of risk of becoming a threat. However, the three-year trend has been for the proportion of risky regular employees to rise while the proportion of risky privileged users has been declining, leading us to predict that 2018 will be the year when regular employees surpass trusted insiders as the greater risk.