sb-eu logo
Story image

Research: 61% of companies have suffered an insider attack in last 12 months

03 Sep 2020

61% of companies have reported at least one insider attack within the last year, and 22% of these companies have suffered at least six separate attacks during the same period, according to new research from Bitglass.

It comes as rapid migration to cloud and remote working and BYOD scenarios leave organisations increasingly vulnerable to insider attacks as a result of the upheaval caused by the COVID-19 pandemic.

The research comes from Bitglass’ recently released 2020 Insider Threat Report, which surveyed IT professionals around the world around navigating the tightrope between budgetary considerations and data protection concerns.

Securing against insider threats has become one of the most challenging security concerns for companies, with most organisations being unable to guarantee that they can detect insider threats stemming from personal devices (82%) or the cloud (50%). A further 81% find it difficult to assess the impact of insider attacks. 

The common practice of having multiple disjointed tools decreases the chances of speedy detection, according to the research. Having different tools with disparate levels of protection, security professionals spend an excessive amount of time managing each of the solutions individually.

As such, 49% of respondents stated that at least one week typically goes by before insider attacks are detected; additionally, 44% said that another week usually passes before the organisation recovers from the attacks.

The growing threat of insider attack is exacerbating budgets that were already constrained before the pandemic, and security teams are increasingly being asked to do even more with less – 73% of companies’ security budgets are decreasing or staying flat over the next year. 

“Enterprises report that loss of critical data and disruption to business operations are the biggest repercussions of insider attacks,” says Bitglass chief technology officer Anurag Kahol.

“Along with brand damage, remediation costs, legal liabilities, and loss of revenue, these are serious ramifications that must be prevented. 

“Enterprises need a multi-faceted security platform that is designed to monitor user behaviour, secure personal devices, deliver maximum uptime and cost savings, and prevent leakage on any interaction. 

“Only then can they defend against insider threats.”

The Bitglass report comes days after the company announced it had won a US patent for its SAML relay that helps to provide more transparency and real-time access control of cloud services.

SAML, which stands for security assertion markup language, has become popular in recent years as security vendors as an open standard for authentication and authorisation. 

Bitglass designed its SAML relay to allow a cloud access security broker (CASB) to be inserted into the traffic flow between users and cloud services during the login process, all in a transparent manner.

Bitglass CEO Nat Kausik says, “This patent is further recognition that Bitglass is the architect of SAML relay and reverse proxy technology that all CASB vendors have imitated.”

“For organisations that need transparent cloud security, the Bitglass CASB remains the solution of choice. Today, it is a core component of our SASE offering, along with our SmartEdge Secure Web Gateway and our zero trust network access.”

Story image
ConnectWise launches bug bounty program to bolster cybersecurity strategy
“Crowdsourcing in this way represents a solid additional layer of security, and we clearly value the community's expertise and participation in helping us keep our products secure."More
Story image
Exabeam and Code42 partner up to launch insider threat solution
The solution will give customers a fuller picture of their environment, and will leverage automated incident response to obstruct insider threat before data loss occurs.More
Story image
APAC organisations struggle to find balance between digital adoption and cybersecurity
Organisations in the Asia Pacific (APAC) region are significantly concerned about security threats, but nevertheless are looking to advance operations through digital adoption.More
Story image
75% of IT execs 'worried' about being targeted in cyber-attack
A new report from ConnectWise has shed light on the widespread concern about cyber-attacks, with 91% of SMB executives considering a move to an MSP if it provided the 'right' solution.More
Story image
Gartner predicts 75% of CEOs to be liable for cyber-physical security incidents by 2024
The nature of CPSs means incidents can quickly lead to physical harm to people, destruction of property or environmental disasters – and Gartner’s new research indicates that these incidents will increase drastically in the next few years if the lack of spending on these assets continues.More
Story image
Interview: Check Point profiles 5 battles that SOC teams face in 2020
Security operations centres (SOCs) are often the first lines of defence.More