• Gurucul Research Study Found that Human Error and Malicious Insiders Pose Greater Risk than Account Compromise
Gurucul, a leader in behavior based security and fraud analytics technology, today announced the results of a survey on insider threats conducted at the recent RSA Conference.
Almost 75% of the more than 650 international IT professionals canvased said they are vulnerable to insider threats, and ranked user error (39%) and malicious insiders (35%) ahead of account compromise (26%) as their leading concern. Small enterprises reported being least vulnerable, while manufacturing companies led all sectors for being exceedingly vulnerable. Meanwhile, nearly half of respondents said they can’t detect insider threats before data has left the organization.
“Insider threats have emerged as the leading concern for companies of all sizes because they are so difficult to detect and have the potential to inflict the greatest damage to an organization,” said Saryu Nayyar, CEO of Gurucul. “This explains why more than 60% of the companies surveyed are focused on detection and prevention.”
Highlights of the Report
At the RSA Conference 2019, Gurucul conducted an Insider Threat Survey of 671 international IT professionals, which spanned small (less than 2,500), medium (2,501-10,000) and large (more than 10,000) organizations in a range of industries. Some of the highlights include:
- 72% of respondents said they were somewhat or exceedingly vulnerable to insider threats, while 18% said they were not vulnerable and 10% did not know
- The manufacturing sector is the most vulnerable to insider threats with 16% reporting they were exceedingly vulnerable, followed by healthcare at 10%
- The leading insider threat was cited as user error (39%), followed by malicious insiders (35%) and account compromise (26%)
- This varies by industry with technology sector respondents reporting that malicious insiders are their top concern, with retail citing user error and financial services & healthcare said it was account compromise
- Top insider threats are also different depending on company size, small (user error), medium (user error & malicious insider) and large (malicious insider)
- When it comes to detecting insider threats, 34% of respondents said they are able to detect threats in real time, 26% before data exfiltration, 27% after exfiltration and 13% can’t detect insider threats
- The majority of companies (61%) said they are focusing on detection and prevention of insider threats, with 39% saying they are focused on prediction and response
- Most organizations (61%) are monitoring users and devices to detect insiders threat, while only 39% are monitoring privileged and service accounts
A full copy of the report is available here : Insider Threat Survey.