the threat is inside

Nearly two in three enterprises believe insider threats have increased in the past 12 months, according to recent research by Bitglass.

Rich Campagna, VP of Products and Marketing at Bitglass, said insiders are both accidentally and maliciously leaking data — often through the use of mobile and cloud applications, including file sync and share platforms.

Combined with research that suggests one in three enterprises are leaking data, it appears to show a murky picture of enterprise security.

Is Anybody Watching?

Despite the proliferation of insider threats and the risks posed by the cloud, only 25 percent of enterprises currently monitor the cloud for signs of abnormal user activity, the Bitglass Insider Threat 2015 report (registration required) revealed.

Respondents cited insufficient data protection (54 percent), more data leaving the network (51 percent) and more devices with sensitive data (51 percent) as the top sources of insider threats.

But Campagna speculates change is on the horizon. High profile hacks and the news from whistleblowers like former National Security Agency contractor Edward Snowden have given many C-Suite executives the jitters and focused their collective minds on data protection, he told CMSWire.

biggest insider threats

Even accidental leaks can cost enterprises millions of dollars in penalties and fees (although some industry experts argue that enterprises see such fees as a simple cost of doing business).

Consider the case of the financial advisor at Morgan Stanley, who stole the information of about 10 percent of all of the company's Wealth Management clients and leaked some of the data into the wild. In a statement, Morgan Stanley acknowledged the personal information of about 900 of the 350,000 affected clients, including names and account numbers, "was briefly posted on the Internet."

The company argues there is "no evidence of any economic loss to any client."

While law enforcement agencies were brought in to investigate and the advisor in question was fired, the damage was done. The information was out there and available to the highest bidder.

Bitglass also found:

  • 45 percent of enterprises have no idea how many insider threats have occurred
  • 70 percent said determining the actual damage of insider threats is difficult
  • Customer data and intellectual property is most vulnerable to insider threats

Cloud Computing Threats

Rich Campagna
Campagna said risks are increasing because of the amount of data moving outside the firewall "or outside the traditional security perimeter." When enterprises adopt flexible, easy to use technologies like file sync and share, they "lose visibility and control over what users are doing,” he added.

That's made detecting insider threats more difficult, particularly as enterprises are move more and more data to the cloud.

Bitglass found that the applications most vulnerable to insider threats include cloud storage and file sharing (44 percent) as well as collaboration and communication applications (43 percent), followed by finance and accounting applications (38 percent).

In addition to customer data and intellectual property, the data most vulnerable to insider threats includes customer employee data (45 percent) and financial data (43 percent).

biggest insider threat applications

“Until about a year ago cloud services were often adopted by people outside of IT like a business executive, a line of business manager or, a prime example, a VP of Sales adopting applications like Salesforce CRM,“ Campagna said. “But because these are not IT initiatives, organizations end up adopting them without any kind of control and that’s what has largely happening in the cloud.”

Plugging Leaks

Campagna told CMSWire the average data breach lasts 205 days. That reality is in stark contrast to the fact that nearly 90 percent of organizations think they could detect an insider threat in less than six months.

insider threat detection

A comprehensive governance strategy and better user training are enterprise security essentials, he said.

But Campagna is optimistic, noting that the mindset regarding security is slowly changing. Two things are driving this change, he said: the drive toward adoption of enterprise-wide cloud applications, including collaboration apps like Office 365, and the fact that CIOs are taking a lot more strategic view of security.

Creative Commons Creative Commons Attribution 2.0 Generic License  Title image by Chad Sparkes.

Simpler Media Group, 2015