Why insider security threats are on the rise and so difficult to detect

Some 73% of IT professionals said insider attacks have become more frequent in the past year, according to a Bitglass report.

Why companies ignore cybersecurity in digital transformations At RSA 2019, Emily Mossburg of Deloitte explained the challenges companies face when it comes to cybersecurity.

Insider security threats are on the rise, and IT professionals face increasing challenges detecting them, according to the 2019 Insider Threat Report from Bitglass.

Some 73% of IT professionals surveyed said they believe insider attacks have become more frequent in the past year—up from 56% who said the same last year. Nearly 60% said that their organizations experienced at least one insider attack over the past year, an increase from one in three in 2017, the report found.

SEE: 27 ways to reduce insider security threats (free PDF) (TechRepublic)

The reasons for the growth of insider threats stem from corporate data moving to more devices and cloud applications, the report noted. Failing to implement strong security measures will continue to enable these threats, it added.

Detecting insider threats is more difficult today than it was a year ago due to a number of factors, according to the IT workers surveyed, including insiders holding valid credentials, increased use of apps that can leak data, more data leaving the perimeter, more end-user devices that are capable of theft, and migration of sensitive data to the cloud.

For these reasons, 54% of respondents said that it was more difficult to detect insider attacks than it was to detect external cyberattacks.

"Insider attacks are harder to identify and remediate than those that originate from outside the enterprise," Rich Campagna, CMO of Bitglass, said in a press release. "This is caused by a number of factors highlighted throughout the report, including insufficient authentication, inadequate user behavior monitoring in the cloud, and a failure to properly secure personal devices. If organizations want to prevent insider attacks, they have to address these security gaps."

For more, check out TechRepublic's 10 tips for reducing insider security threats.

Also see

istock-509230826-1.jpg
Image: iStockphoto/g-stockstudio

By Alison DeNisco Rayome

Alison DeNisco Rayome is a Senior Editor for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.