73 Percent of Organizations Fail to Block Privileged User Access to Sensitive Data Finds “Vormetric 2013 Insider Threat Report”
Data Security lagging with 76 Percent of Unauthorized Data Access Going Undetected
SAN JOSE, Calif. – October 7, 2013 – Thales eSecurity, a leader in enterprise data security for physical, virtual and cloud security, today announced the results from its Insider Threat Report, conducted in conjunction with Enterprise Strategy Group. The study surveyed more than 700 IT security decision-makers. It was created with the goal of providing timely, relevant information about issues surrounding Insider Threats and Privileged Users. With a focus primarily on large enterprise organizations, the study indicates that there are major gaps between existing security processes and the technologies currently in place to address insider threats. For example, only 27 percent of respondents block privileged user access to data, a proven method of mitigating insider attacks, while 66 percent of respondents use perimeter focused network intrusion detection and prevention tools to identify and prevent insider threats although it is well understood that these tools weren’t designed for insider threat detection but to protect from external threats.
“The data is clear – IT decision-makers are concerned about insider threats and data breaches, but tend to rely on perimeter and network security focused tools today, rather than securing the data at its source,” said Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group. “What this research highlights is that large organizations need a data-centric security strategy. Insider attacks are increasingly difficult to prevent and detect, and the research findings reveal the need for a change in approach.”
The more forward looking and sophisticated organizations were using technology approaches that are proven protections against malicious insiders, or malware attacks that compromise insider credentials such as APTs, but were in the minority:
- Only 40 percent are monitoring privileged user activities, with just 27 percent blocking privileged user access.
- Nearly half (48 percent) of organizations only review sensitive data access monthly and a startling 76 percent admit to not being proficient at detecting anomalous data access behavior in real-time.
Yet the results also show that many enterprises still focus protections toward the legacy perimeter approach.
- Network traffic monitoring is the most-used tool to identify and prevent data breaches (56 percent)
- Laptops and desktops are believed to be the biggest threat (49 percent).
- Two thirds (66 percent) use or intend to use Intrusion Detection/Prevention Systems (IDP/IPS) to supplement network traffic monitoring and detect and prevent insider attacks.
However, attitudes and protection plans are changing, with 45 percent of organizations reporting that Edward Snowden has caused them to be more aware of insider threats and over half (53 percent) are increasing their security budgets to offset the problem in the next year. Many of those investments will go into additional protections for data, with 78 percent either already using or planning to use data encryption and an additional 70 percent already using or planning to use data access controls.
“It’s clear that organizations of all kinds are concerned with securing access to sensitive data,” said Alan Kessler, CEO for Thales eSecurity. “While many of the respondents are using more of the right security technologies and tools to help reduce their attack surface, a much larger group is falling short in taking the additional step to protect from insider threats and thwart attacks such as APTs that steal insider credentials.”
The survey results and research report are available from Thales eSecurity and Enterprise Strategy Group. You can find the results here.
About Thales eSecurity
Thales eSecurity (@Thalesesecurity) is the industry leader in data security solutions that span physical, virtual and cloud environments. Data is the new currency and Thales eSecurity helps over 1200 customers, including 17 of the Fortune 25 and many of the world’s most security conscious government organizations, to meet compliance requirements and protect what matters — their sensitive data — from both internal and external threats. The company’s scalable solution suite protects any file, any database and any application — anywhere it resides — with a high performance, market-leading data firewall that incorporates application transparent encryption, privileged user access controls, automation and security intelligence.
Thales eSecurity USA
+1(408) 884 - 5162
Jonathan Mathias / Kasia Murphy
+44 (0)20 7401 7968
VormetricTeam@johnsonking.co.ukVormetric South Korea
+82 2 566 - 8898
Thales eSecurity is a trademark of Thales eSecurity, Inc. All other names mentioned are trademarks, registered trademarks or service marks of their respective owners.