Organizations that succeed in tackling insider threats have done so by building mitigation programs with full engagement and support from both leadership and employees, says Tom Read, Haystax Technology’s VP of Security Analytics.
However, Read notes in an interview with Dark Reading that most companies have put controls in place that generally have “not worked — and the facts support this.” In particular, he cites popular network-focused technology solutions like controls on endpoints, which “only control what happens after the person is already intending to attack. An insider with knowledge of those controls will easily find a way around them.”
A newly published Haystax industry survey on insider attacks bears out Read’s point, revealing that despite an increase in spending across the board, organizations are still struggling to address their insider threat challenges. Using crowd-based research collected in partnership with the 300,000+ member Information Security Community on LinkedIn and Crowd Research Partners, the survey found that 74 percent of organizations feel vulnerable to insider threats, a significant seven-percent increase over the previous year’s survey.
“Companies aren’t addressing the root causes of insider threat, like behavioral issues such as lack of empathy or paranoia – combined with personal or organizational stressors,” Read tells Dark Reading. These root causes “are major drivers of malicious insider threat.”
The Dark Reading article also gets Read’s take on the companies that deploy successful insider-threat programs. Besides leadership support, and a focus on human behaviors rather than technical indicators, they typically also have processes in place ensure that background vetting is conducted not only before someone is hired but also on an ongoing basis. He says, “The selling point, quite simply, is that the background vetting doesn’t stop just because you’ve been hired.”
On the same day the Dark Reading article was published, Haystax Technology CEO Bryan Ware was quoted in another piece on the survey from InfoSecurity Magazine. Said Ware about insider threat, “Ask any cybersecurity specialist to name the biggest security threat to an organization and they’ll tell you it’s people. Training programs and network controls are important, but without analytics that produce actionable intelligence, organizations are often left in the dark until after an insider does damage.”
Besides Dark Reading and InfoSecurity, other recent press coverage of the survey includes:
Facility Executive: Cybersecurity: Most Organizations Ill-Prepared For Insider Threats
Government Security News: Haystax survey indicates organizations ill-equipped to handle insider threats
HelpNet Security: People are still the biggest security threat to any organization
Politico: Report Watch
PYMNTS.com: When Treasurers Are SMEs’ Worst Enemies
To view a full copy of the Insider Attacks Industry Survey and supporting materials on insider threat, please click here.