The majority (70%) of organizations are seeing insider attacks more frequently, with 60% experiencing at least one attack within the past 12 months, according to the Nucleus Cyber 2019 Insider Threat Report, conducted with Cybersecurity Insiders, released on Thursday.
The report surveyed 400,000 members of the Cybersecurity Insiders community to determine how prevalent email attacks are in the cyber threat landscape. Some 68% of respondents reported feeling “extremely to moderately” vulnerable to them, and 85% said it’s difficult to fully see the damage caused from each attack.
SEE: 27 ways to reduce insider security threats (free PDF) (TechRepublic)
“Security and IT teams’ attention is focused on hackers, but attacks from within are a significant threat to every industry. Organizations must be well-equipped to safeguard sensitive information from outsiders and insiders alike,” said Kurt Mueffelmann, CEO of Nucleus Cyber, in a press release. “The 2019 Insider Threat Report findings should raise the alarm for every organization to evaluate their preparedness, strategies, and tools used to protect data from increasing inside threats.”
The effects of insider attacks are even more difficult to determine in cloud environments, the report found. More than half (56%) of respondents said that since they’ve migrated to the cloud, detecting insider attacks has become “significantly to somewhat” harder, and 39% said they believe cloud storage and file sharing applications are the most vulnerable.
The types of insider threats companies are most worried about include inadvertent data breaches or leaks (70%), negligent data breaches (66%), and malicious or purposeful data breaches (62%), according to the report.
Some of the biggest driving factors behind malicious insider threats include fraud (57%), monetary gain (50%), IP theft (43%), sabotage (41%), and espionage (32%).
To combat insider threats, companies are using a variety of tactics including user training (51%), an information security governance program (41%), user activity monitoring (36%), database activity monitoring (31%), and secondary authentication practices (30%).
For more, check out Why insider security threats are on the rise and so difficult to detect on TechRepublic.