Welcome!

News Feed Item

Nearly Half of IT Professionals More Concerned About Insider Threats than External Threats, with Naive Individuals and Employees Bending the Rules Driving Concerns

New Report Reveals Data on Growing Insider Threats and the Need for End User Cybersecurity Engagement

SAN FRANCISCO, CA -- (Marketwired) -- 12/01/16 -- Despite the perception that hackers are a company's biggest cybersecurity threat, insiders, including careless or naïve employees, are now viewed as an equally important problem, according to new research from Preempt, pioneer of the industry's first behavioral firewall.

The survey by Dimensional Research and commissioned by Preempt, titled, "The Growing Security Threat from Insiders," found that about half (49 percent) of IT security professionals surveyed are more concerned about internal threats than external threats. Malware installed unintentionally by employees was the top concern of respondents, ahead of stolen or compromised credentials, snatched data and abuse of admin privileges.

"Internal threats are emerging as equally as important as external threats, according to respondents. This means that an employee cutting corners to get their job done more efficiently is viewed as potentially just as dangerous as a malicious external hacker," said Diane Hagglund, founder and principal of Dimensional Research. "Yet these views aren't reflected in the allocation of security budgets, which is traditionally focused on perimeter security."

In addition to concerns about insider threats, the report also analyzed cybersecurity training and end user engagement programs. While 95 percent of the companies surveyed provide end user security training, only 10 percent believe the training is very effective.

"Intentional or not, insider threats are real," says Ajit Sancheti, co-founder and CEO of Preempt. "From Snowden to the FDIC, headlines continue to emerge and we need to take a new approach to get ahead of insider threats. Without real-time prevention solutions and improved employee engagement, these threats will not only increase, but find more sophisticated ways to infiltrate and navigate a network. The future of security practices rely on the ability to not only understand users and anticipate attacks, but also how to mitigate threats as quickly as possible."

Key Findings

  • Insider threats are a growing problem for enterprises
    • About half (49 percent) are more concerned about internal threats than external threats.
    • Top concerns are malware installed by careless employees (73 percent), stolen or compromised credentials (66 percent), stolen data (65 percent), and abuse of admin privileges (63 percent).
    • The majority of security professionals (87 percent) are most concerned about naive individuals or employees who bend the rules to get their job done; only 13 percent are more concerned about malicious insiders who intend to do harm.

  • End user engagement is critical to the success of security programs
    • While 95 percent provide end user security training, only 10 percent believe the training is very effective.
    • 81 percent say end users are willing to learn, but only 25 percent say they are willing to put in the effort to learn.
    • 66 percent see value in providing real-time training and feedback when an end user does something they shouldn't.

  • Security teams need additional solutions and approaches to help protect from insider threats
    • Only 10 percent describe their security team as lacking necessary skills.
    • 64 percent have the skills, but are overworked so can't respond.
    • 91 percent report insiders have access to systems they shouldn't.
    • 70 percent can't effectively monitor privileged user activities.

The Preempt Behavioral Firewall can detect and prevent insider threats by identifying risky behavior and engages with the user or employee in real-time to validate legitimate or malicious activities. The type of response adapts based on type of threat, user and other key security vectors. This proactive approach, along with greater visibility and insights, helps customers better secure their network and reduce their attack surface.

Survey Methodology and Participant Demographics
This data is based on a survey of 317 IT professionals with responsibility for security. All worked at companies with over 1000 employees. Questions were asked on a wide range of subjects including concerns about insider threats, role of end user engagement in security, and barriers to protecting against insider threats.

To download a copy of the report, visit http://info.preempt.com/insider_threat_report.

Additional Resources

About Preempt
Preempt protects enterprises from security breaches and malicious insiders with the industry's first Behavioral Firewall. This innovative and patented solution couples User and Entity Behavior Analysis (UEBA) and Adaptive Response to provide the most effective solution for both detecting and automatically responding to security threats. This proactive approach allows organizations to preempt threats in real-time without engaging already overwhelmed security teams. The company has its headquarters in San Francisco, CA and development in Israel. Learn more at www.preempt.com.

Media Contact
Jim Dvorak
Kulesa Faul for Preempt
(415) 735-1622
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Interoute has announced the integration of its Global Cloud Infrastructure platform with Rancher Labs’ container management platform, Rancher. This approach enables enterprises to accelerate their digital transformation and infrastructure investments. Matthew Finnie, Interoute CTO commented “Enterprises developing and building apps in the cloud and those on a path to Digital Transformation need Digital ICT Infrastructure that allows them to build, test and deploy faster than ever before. The int...
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service.
Niagara Networks exhibited at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
SYS-CON Events announced today that Outlyer, a monitoring service for DevOps and operations teams, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Outlyer is a monitoring service for DevOps and Operations teams running Cloud, SaaS, Microservices and IoT deployments. Designed for today's dynamic environments that need beyond cloud-scale monitoring, we make monitoring effortless so you ...
Virtualization over the past years has become a key strategy for IT to acquire multi-tenancy, increase utilization, develop elasticity and improve security. And virtual machines (VMs) are quickly becoming a main vehicle for developing and deploying applications. The introduction of containers seems to be bringing another and perhaps overlapped solution for achieving the same above-mentioned benefits. Are a container and a virtual machine fundamentally the same or different? And how? Is one techn...
My team embarked on building a data lake for our sales and marketing data to better understand customer journeys. This required building a hybrid data pipeline to connect our cloud CRM with the new Hadoop Data Lake. One challenge is that IT was not in a position to provide support until we proved value and marketing did not have the experience, so we embarked on the journey ourselves within the product marketing team for our line of business within Progress. In his session at @BigDataExpo, Sum...
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
What sort of WebRTC based applications can we expect to see over the next year and beyond? One way to predict development trends is to see what sorts of applications startups are building. In his session at @ThingsExpo, Arin Sime, founder of WebRTC.ventures, will discuss the current and likely future trends in WebRTC application development based on real requests for custom applications from real customers, as well as other public sources of information,
China Unicom exhibit at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. China United Network Communications Group Co. Ltd ("China Unicom") was officially established in 2009 on the basis of the merger of former China Netcom and former China Unicom. China Unicom mainly operates a full range of telecommunications services including mobile broadband (GSM, WCDMA, LTE FDD, TD-LTE), fixed-line broadband, ICT, data communica...
As software becomes more and more complex, we, as software developers, have been splitting up our code into smaller and smaller components. This is also true for the environment in which we run our code: going from bare metal, to VMs to the modern-day Cloud Native world of containers, schedulers and micro services. While we have figured out how to run containerized applications in the cloud using schedulers, we've yet to come up with a good solution to bridge the gap between getting your contain...
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, will discuss some of the security challenges of the IoT infrastructure and relate how these aspects impact Smart Living. The material will be delivered i...
Apache Hadoop is emerging as a distributed platform for handling large and fast incoming streams of data. Predictive maintenance, supply chain optimization, and Internet-of-Things analysis are examples where Hadoop provides the scalable storage, processing, and analytics platform to gain meaningful insights from granular data that is typically only valuable from a large-scale, aggregate view. One architecture useful for capturing and analyzing streaming data is the Lambda Architecture, represent...
As organizations realize the scope of the Internet of Things, gaining key insights from Big Data, through the use of advanced analytics, becomes crucial. However, IoT also creates the need for petabyte scale storage of data from millions of devices. A new type of Storage is required which seamlessly integrates robust data analytics with massive scale. These storage systems will act as “smart systems” provide in-place analytics that speed discovery and enable businesses to quickly derive meaningf...