Welcome!

News Feed Item

Nearly Half of IT Professionals More Concerned About Insider Threats than External Threats, with Naive Individuals and Employees Bending the Rules Driving Concerns

New Report Reveals Data on Growing Insider Threats and the Need for End User Cybersecurity Engagement

SAN FRANCISCO, CA -- (Marketwired) -- 12/01/16 -- Despite the perception that hackers are a company's biggest cybersecurity threat, insiders, including careless or naïve employees, are now viewed as an equally important problem, according to new research from Preempt, pioneer of the industry's first behavioral firewall.

The survey by Dimensional Research and commissioned by Preempt, titled, "The Growing Security Threat from Insiders," found that about half (49 percent) of IT security professionals surveyed are more concerned about internal threats than external threats. Malware installed unintentionally by employees was the top concern of respondents, ahead of stolen or compromised credentials, snatched data and abuse of admin privileges.

"Internal threats are emerging as equally as important as external threats, according to respondents. This means that an employee cutting corners to get their job done more efficiently is viewed as potentially just as dangerous as a malicious external hacker," said Diane Hagglund, founder and principal of Dimensional Research. "Yet these views aren't reflected in the allocation of security budgets, which is traditionally focused on perimeter security."

In addition to concerns about insider threats, the report also analyzed cybersecurity training and end user engagement programs. While 95 percent of the companies surveyed provide end user security training, only 10 percent believe the training is very effective.

"Intentional or not, insider threats are real," says Ajit Sancheti, co-founder and CEO of Preempt. "From Snowden to the FDIC, headlines continue to emerge and we need to take a new approach to get ahead of insider threats. Without real-time prevention solutions and improved employee engagement, these threats will not only increase, but find more sophisticated ways to infiltrate and navigate a network. The future of security practices rely on the ability to not only understand users and anticipate attacks, but also how to mitigate threats as quickly as possible."

Key Findings

  • Insider threats are a growing problem for enterprises
    • About half (49 percent) are more concerned about internal threats than external threats.
    • Top concerns are malware installed by careless employees (73 percent), stolen or compromised credentials (66 percent), stolen data (65 percent), and abuse of admin privileges (63 percent).
    • The majority of security professionals (87 percent) are most concerned about naive individuals or employees who bend the rules to get their job done; only 13 percent are more concerned about malicious insiders who intend to do harm.

  • End user engagement is critical to the success of security programs
    • While 95 percent provide end user security training, only 10 percent believe the training is very effective.
    • 81 percent say end users are willing to learn, but only 25 percent say they are willing to put in the effort to learn.
    • 66 percent see value in providing real-time training and feedback when an end user does something they shouldn't.

  • Security teams need additional solutions and approaches to help protect from insider threats
    • Only 10 percent describe their security team as lacking necessary skills.
    • 64 percent have the skills, but are overworked so can't respond.
    • 91 percent report insiders have access to systems they shouldn't.
    • 70 percent can't effectively monitor privileged user activities.

The Preempt Behavioral Firewall can detect and prevent insider threats by identifying risky behavior and engages with the user or employee in real-time to validate legitimate or malicious activities. The type of response adapts based on type of threat, user and other key security vectors. This proactive approach, along with greater visibility and insights, helps customers better secure their network and reduce their attack surface.

Survey Methodology and Participant Demographics
This data is based on a survey of 317 IT professionals with responsibility for security. All worked at companies with over 1000 employees. Questions were asked on a wide range of subjects including concerns about insider threats, role of end user engagement in security, and barriers to protecting against insider threats.

To download a copy of the report, visit http://info.preempt.com/insider_threat_report.

Additional Resources

About Preempt
Preempt protects enterprises from security breaches and malicious insiders with the industry's first Behavioral Firewall. This innovative and patented solution couples User and Entity Behavior Analysis (UEBA) and Adaptive Response to provide the most effective solution for both detecting and automatically responding to security threats. This proactive approach allows organizations to preempt threats in real-time without engaging already overwhelmed security teams. The company has its headquarters in San Francisco, CA and development in Israel. Learn more at www.preempt.com.

Media Contact
Jim Dvorak
Kulesa Faul for Preempt
(415) 735-1622
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
SYS-CON Events announced today that Datanami has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Datanami is a communication channel dedicated to providing insight, analysis and up-to-the-minute information about emerging trends and solutions in Big Data. The publication sheds light on all cutting-edge technologies including networking, storage and applications, and the...
After more than five years of DevOps, definitions are evolving, boundaries are expanding, ‘unicorns’ are no longer rare, enterprises are on board, and pundits are moving on. Can we now look at an evolution of DevOps? Should we? Is the foundation of DevOps ‘done’, or is there still too much left to do? What is mature, and what is still missing? What does the next 5 years of DevOps look like? In this Power Panel at DevOps Summit, moderated by DevOps Summit Conference Chair Andi Mann, panelists loo...
SYS-CON Events announced today that EnterpriseTech has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. EnterpriseTech is a professional resource for news and intelligence covering the migration of high-end technologies into the enterprise and business-IT industry, with a special focus on high-tech solutions in new product development, workload management, increased effi...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
Cloud promises the agility required by today’s digital businesses. As organizations adopt cloud based infrastructures and services, their IT resources become increasingly dynamic and hybrid in nature. Managing these require modern IT operations and tools. In his session at 20th Cloud Expo, Raj Sundaram, Senior Principal Product Manager at CA Technologies, will discuss how to modernize your IT operations in order to proactively manage your hybrid cloud and IT environments. He will be sharing bes...
A look across the tech landscape at the disruptive technologies that are increasing in prominence and speculate as to which will be most impactful for communications – namely, AI and Cloud Computing. In his session at 20th Cloud Expo, Curtis Peterson, VP of Operations at RingCentral, highlighted the current challenges of these transformative technologies and shared strategies for preparing your organization for these changes. This “view from the top” outlined the latest trends and developments i...
Automation is enabling enterprises to design, deploy, and manage more complex, hybrid cloud environments. Yet the people who manage these environments must be trained in and understanding these environments better than ever before. A new era of analytics and cognitive computing is adding intelligence, but also more complexity, to these cloud environments. How smart is your cloud? How smart should it be? In this power panel at 20th Cloud Expo, moderated by Conference Chair Roger Strukhoff, paneli...
Hardware virtualization and cloud computing allowed us to increase resource utilization and increase our flexibility to respond to business demand. Docker Containers are the next quantum leap - Are they?! Databases always represented an additional set of challenges unique to running workloads requiring a maximum of I/O, network, CPU resources combined with data locality.
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex software systems for startups and enterprises. Since 2009 it has grown from a small group of passionate engineers and business...
SYS-CON Events announced today that GrapeUp, the leading provider of rapid product development at the speed of business, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company, specialized in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market acr...
SYS-CON Events announced today that Ayehu will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara California. Ayehu provides IT Process Automation & Orchestration solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication, and recovery from cyber security breaches. Ayehu provides customers greater control over IT infras...
Artificial intelligence, machine learning, neural networks. We’re in the midst of a wave of excitement around AI such as hasn’t been seen for a few decades. But those previous periods of inflated expectations led to troughs of disappointment. Will this time be different? Most likely. Applications of AI such as predictive analytics are already decreasing costs and improving reliability of industrial machinery. Furthermore, the funding and research going into AI now comes from a wide range of com...
SYS-CON Events announced today that SourceForge has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SourceForge is the largest, most trusted destination for Open Source Software development, collaboration, discovery and download on the web serving over 32 million viewers, 150 million downloads and over 460,000 active development projects each and every month.
In this presentation, Striim CTO and founder Steve Wilkes will discuss practical strategies for counteracting fraud and cyberattacks by leveraging real-time streaming analytics. In his session at @ThingsExpo, Steve Wilkes, Founder and Chief Technology Officer at Striim, will provide a detailed look into leveraging streaming data management to correlate events in real time, and identify potential breaches across IoT and non-IoT systems throughout the enterprise. Strategies for processing massive ...