News Feed Item

100 Percent of Organizations have Active Insider Threats, Dtex Systems' Research Shows

Failure to eliminate insider threat blind spot leads to rising sensitive data exposure rates on the public web, email and phone revenge attack, more visits to high-risk websites, and leaves trusted employees vulnerable to attacks

SAN JOSE, Calif., May 15, 2018 /PRNewswire/ -- Dtex Systems, a leader in user behavior intelligence and insider threat detection, today announced availability of its 2018 Insider Threat Intelligence Report. Findings are based on threat assessments from global organizations in public and private sector industries.

Dtex Systems Logo (PRNewsfoto/Dtex Systems)

Dtex found active insider threats in all assessed organizations. This is clear proof that no businesses have been able to eliminate the insider threat blind spot. Failure to gain visibility is allowing malicious and negligent employees to engage in undetected high-risk activities on every endpoint, on and off the network. Malicious employees are users that intentionally harm their organizations through theft, sabotage, and blatant disregard for security policies and controls. Negligent employees are often times trusted users that hurt their organizations due to a lack of awareness, error, or because they are not defended against attacks.

Key findings include:

  • 78 percent of assessments found instances of company data that was accessible via the public web, which was caused by negligent employees' improper use of Google Drive, Dropbox, Box and other cloud apps; up 14 percent over last year
  • 60 percent of assessments identified instances of malicious employees using private, anonymous or VPN browsing to bypass security controls or to research how to bypass controls.
  • 90 percent of assessments discovered that negligent employees were transferring company data to unencrypted and unauthorized USB devices.
  • 91 percent of assessments recognized that negligent employees were expanding the phishing attack surface by accessing personal web mail accounts on company machines; a behavior that was up 4 percent over last year.
  • 67 percent of assessments uncovered cases where malicious employees were visiting inappropriate and risky gaming, gambling and pornography websites; up 8 percent over last year.
  • An assessment exposed a "revenge" attack, where a malicious employee filled out online forms with a senior staff member's contact details, this caused the target's inbox and phone to be overrun with nuisance emails and calls.

To conduct the threat assessments covered in the report, Dtex analyzed anonymized data about user behaviors taking place on public and private sector organizations' endpoints. The data was compared to more than 5,000 known bad-behavior patterns and then turned into intelligence that revealed where insider threat patterns were active. Organizations examined are based in North America, South America and Europe. They included small, midsize and large multinational corporations in a wide range of industries: financial services, legal, technology, public sector, energy, retail, transportation, real estate, and pharmaceutical. Organizations reviewed span the small, mid-size and large categories. Some employ as few as 500, others more than 100,000. To access the full report visit: https://dtexsystems.com/2018-insider-threat-intelligence-report  

Supporting Quotes
"While malicious users are always looking for new ways to defy security controls, not all internal risk comes from bad intent. Trusted employees don't always understand when they are engaged in damaging activities and can fall prey to bad actors looking to steal their credentials. The lack of visibility into all types of user behaviors is creating employee-driven vulnerability problems for every business," said Christy Wyatt, CEO, Dtex Systems. "Organizations have to secure data, neutralize risky behaviors and protect trusted employees against attacks and their own errors. To accomplish all of this, they have to see how their people are behaving and have a mechanism that provides alerts when things go wrong."

"Organizations come to us because they know their employees are engaged in risky behaviors. They usually have no clue of how wide spread these activities are until after we eliminate the insider threat blind spot for them," said Rajan Koo, vice president of customer engineering and lead threat researcher. "After we provide them with intelligence that shows them where risk exists, they are able to take steps to mitigate situations before they worsen."

"Business needs to get out of the cybersecurity denial phase it is stuck in. To do this, it must accept that it needs more visibility into what's going on in its environment," said IT-Harvest Chief Research Analyst and Charles Stuart University Lecturer Richard Stiennon. "This report is a needed reminder of just how oblivious organizations are to high-risk activities that lead to things like data breaches, ransomware attacks and IP theft."

Follow Dtex on Twitter: https://twitter.com/DtexSystems  
Join Dtex on LinkedIn: https://www.linkedin.com/company-beta/113769/ 
Like Dtex on Facebook: https://www.facebook.com/Dtex-Systems-297181017056254 

About Dtex Systems
Dtex Systems arms enterprises across the globe with revolutionary technology to protect against user threats, data breaches, and outsider infiltration. As the only solution combining unparalleled endpoint visibility with advanced analytics, Dtex is able to pinpoint threats with greater accuracy than traditional security methods without adversely impacting user productivity. To learn more, visit www.dtexsystems.com.


Cision View original content with multimedia:http://www.prnewswire.com/news-releases/100-percent-of-organizations-have-active-insider-threats-dtex-systems-research-shows-300648256.html

SOURCE Dtex Systems

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...
SYS-CON Events announced today that IoT Global Network has been named “Media Sponsor” of SYS-CON's @ThingsExpo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. The IoT Global Network is a platform where you can connect with industry experts and network across the IoT community to build the successful IoT business of the future.
DXWorldEXPO LLC announced today that Kevin Jackson joined the faculty of CloudEXPO's "10-Year Anniversary Event" which will take place on November 11-13, 2018 in New York City. Kevin L. Jackson is a globally recognized cloud computing expert and Founder/Author of the award winning "Cloud Musings" blog. Mr. Jackson has also been recognized as a "Top 100 Cybersecurity Influencer and Brand" by Onalytica (2015), a Huffington Post "Top 100 Cloud Computing Experts on Twitter" (2013) and a "Top 50 C...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
When applications are hosted on servers, they produce immense quantities of logging data. Quality engineers should verify that apps are producing log data that is existent, correct, consumable, and complete. Otherwise, apps in production are not easily monitored, have issues that are difficult to detect, and cannot be corrected quickly. Tom Chavez presents the four steps that quality engineers should include in every test plan for apps that produce log output or other machine data. Learn the ste...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
Evan Kirstel is an internationally recognized thought leader and social media influencer in IoT (#1 in 2017), Cloud, Data Security (2016), Health Tech (#9 in 2017), Digital Health (#6 in 2016), B2B Marketing (#5 in 2015), AI, Smart Home, Digital (2017), IIoT (#1 in 2017) and Telecom/Wireless/5G. His connections are a "Who's Who" in these technologies, He is in the top 10 most mentioned/re-tweeted by CMOs and CIOs (2016) and have been recently named 5th most influential B2B marketeer in the US. H...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
When building large, cloud-based applications that operate at a high scale, it's important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. "Fly two mistakes high" is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Le...
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
Daniel Jones is CTO of EngineerBetter, helping enterprises deliver value faster. Previously he was an IT consultant, indie video games developer, head of web development in the finance sector, and an award-winning martial artist. Continuous Delivery makes it possible to exploit findings of cognitive psychology and neuroscience to increase the productivity and happiness of our teams.
Digital transformation has increased the pace of business creating a productivity divide between the technology haves and have nots. Managing financial information on spreadsheets and piecing together insight from numerous disconnected systems is no longer an option. Rapid market changes and aggressive competition are motivating business leaders to reevaluate legacy technology investments in search of modern technologies to achieve greater agility, reduced costs and organizational efficiencies. ...