Bitglass, the Next-Gen CASB company, has cautioned that insider attacks are escalating and that a significant number of organisations are failing to monitor user behaviour across their cloud footprints.
The warnings come in response to a survey of IT professionals - Threatbusters, Bitglass’s 2019 Insider Threat Report. In partnership with a leading cybersecurity community, the survey covered insider threats, as well as what organisations are doing to defend against them.
The report found that 73 percent of respondents believe that insider attacks have become more frequent in the past year. Additionally, 59 percent said that their organisations experienced at least one insider attack over the past 12 months.
As corporate data moves to more devices and cloud applications, failing to implement the appropriate security controls will only serve to further enable these threats.
“Insider attacks are harder to identify and remediate than those that originate from outside the enterprise,” said Rich Campagna, CMO of Bitglass. “This is caused by a number of factors highlighted throughout the report, including insufficient authentication, inadequate user behaviour monitoring in the cloud, and a failure to properly secure personal devices.
If organisations want to prevent insider attacks, they have to address these security gaps.”
# 41 percent of respondents said that their organizations do not monitor for abnormal user behaviour across their cloud footprints.
# Only 12 percent of enterprises are consistently able to detect insider threats stemming from personal mobile devices, including those that are off premises or lack agents.
# 56 percent of respondents believe it is more challenging to detect insider threats after migrating to the cloud.
# 68 percent of organisations feel moderately to extremely vulnerable to insider threats.
# Only 50 percent of organizations provide user trainings about insider threats, and a mere 31 percent implement secondary authentication to defend against them.
# 56 percent of respondents claimed their organisations can detect insider threats within the day that they occur; 50 percent said that they can recover from an insider attack within the same time period.
To learn more about the state of insider threats and how enterprises are defending against them, download the full report here:
For more information: