CAMPBELL, Calif. — Bitglass released its 2020 Insider Threat Report, which uncovers the state of enterprise security as it pertains to insider threats. Bitglass partnered with a leading cybersecurity community and surveyed IT professionals to understand how their businesses balance budgetary and data protection concerns while defending against insider threats.
Employees, whether careless or malicious, can pose a great risk to organizations. A majority of survey respondents (61%) reported at least one insider attack over the last 12 months. Of those, 22% reported at least six separate attacks. Businesses are currently undergoing seismic shifts, including rapid migrations to the cloud and widespread adoptions of remote work and bring your own device (BYOD) policies. Along with these trends, securing against insider threats has become increasingly challenging. Most organizations cannot guarantee detection of insider threats stemming from personal devices (82%) or the cloud (50%), and 81% find it difficult to even assess the impact of insider attacks.
Despite these concerns, few respondents have a single platform that delivers complete, unified visibility and control for any interaction. When dealing with multiple disjointed tools that provide disparate levels of protection, security professionals spend an inordinate amount of time managing each of the solutions individually. As such, 49% of respondents stated that at least one week typically goes by before insider attacks are detected; additionally, 44% said that another week usually passes before the organization recovers from the attacks.
While organizations were already working with constrained security budgets before the pandemic, security teams are now being asked to do even more with less. Among the companies that participated, 73% of security budgets are decreasing or staying flat over the next year.
“Enterprises report that loss of critical data and disruption to business operations are the biggest repercussions of insider attacks,” said Anurag Kahol, CTO of Bitglass. “Along with brand damage, remediation costs, legal liabilities, and loss of revenue, these are serious ramifications that must be prevented. Enterprises need a multifaceted security platform that is designed to monitor user behavior, secure personal devices, deliver maximum uptime and cost savings, and prevent leakage on any interaction. Only then can they defend against insider threats.”