• Home
  • Blog
  • Why Are Internal Threats Increasing? Five Questions to Ask…
Why Are Internal Threats Increasing? Five Questions to Ask…

Why Are Internal Threats Increasing? Five Questions to Ask…

Mar 01, 2019 / Kron

A report published by Cyber-Security Insiders revealed eye-opening responses from CSOs, CIOs and other executives in global enterprises. In summary, their research (commissioned by CA Technologies) uncovered these five facts:

  • Ninety percent of organizations feel vulnerable to insider attacks. The main enabling risk factors include too many users with excessive access privileges (37%), an increasing number of devices with access to sensitive data (36%), and the increasing complexity of information technology (35%).
  • A majority of 53% confirmed insider attacks against their organization in the previous 12 months (typically less than five attacks). Twenty-seven percent of organizations say insider attacks have become more frequent.
  • Organizations are shifting their focus on detection of insider threats (64%), followed by deterrence methods (58%) and analysis and post breach forensics (49%). The use of user behavior monitoring is accelerating; 94% of organizations deploy some method of monitoring users and 93% monitor access to sensitive data.
  • The most popular technologies to deter insider threats are Data Loss Prevention (DLP), encryption, and identity and access management solutions. To better detect active insider threats, companies deploy Intrusion Detection and Prevention (IDS), log management and SIEM platforms.
  • The vast majority (86%) of organizations already have or are building an insider threat program. Thirty-six percent have a formal program in place to respond to insider attacks, while 50% are focused on developing their program.

Insider threats continue to rise, in large part in parallel with the growing attack surface, the adoption of new digital and connected technologies and systems, and the value of private data to competitors, criminals and other nefarious actors.

Here are five questions a CISO, board member, or any executive responsible for ensuring the security of systems and protection of data across enterprises and organizations should ask:

  1. Is the company as focused on internal threats as we are in external attacks? In general, organizations devote most of their prevention-focused security controls on inbound security threats compared to internal-to-internal or outbound threats, despite nearly half of the incidents tracked over the last few years having occurred due to internally caused breaches.
  2. Is the company’s culture sensitized to the pervasive strategy of cybercriminals to turn themselves from outsiders to “insiders” as quickly as possible and to invade internally as quickly as possible? One popular strategy for these bad actors is via spear-phishing and the stealing of the login credentials of an unsuspecting user; some drop Remote Access Trojans (RATs).
  3. Does the company have a Privileged Access Management program and platform? PAM is now one of the top security controls that many CISO’s are prioritizing to help them reduce the risks of cyber-attacks, empower their employees and protect their organizations from unauthorized access. Gartner released a report stating that the #1 project to implement in 2018 was Privileged Access Management, and programs are continuing to grow in 2019.
  4. Have earlier PAM programs been effective? How expensive were they, and how complicated to implement? Legacy solutions have been proven to be difficult and even unfinished, given the issues associated with old solutions being force-fitted into an IT environment moving through a digital transformation, including multi-cloud architectures with software defined perimeters.
  5. How does the company define PAM? What process has been used or should be used to identify the privilege accounts for all critical systems, from infrastructure to sensitive data, security software including patches, premise-based, cloud hosted applications, APIs and more? Has the company completed a data security impact assessment, and is the policy constantly being applied and adapted as technology changes?

Only a comprehensive solution to PAM, and a modern one, can ensure data, applications and infrastructure are properly protected from malicious insider threats and, beyond this risk management, that the company meets increasingly stringent regulatory requirements. And while these first five questions are only a high-level start, being able to answer each leads to deeper discussions about how PAM can play out in the most effective and cost-efficient ways.

Author: Ozge Dogan

Highlights

Enhancing Cybersecurity with AI-Powered Privileged Access Management

Enhancing Cybersecurity with AI-Powered Privileged Access Management

Mar 20, 2024
Reducing Cyber Insurance Costs with Kron PAM: A Smart Move for Businesses

Reducing Cyber Insurance Costs with Kron PAM: A Smart Move for Businesses

Apr 18, 2024
Unlocking Efficiency: The Strategic Advantages of SaaS PAM in Business

Unlocking Efficiency: The Strategic Advantages of SaaS PAM in Business

May 06, 2024
UK’s Telecommunications Security Act (TSA) Code of Practice

UK’s Telecommunications Security Act (TSA) Code of Practice

May 09, 2024
Exploring PAM Deployment Options and Choosing Between SaaS and On-Premise Solutions

Exploring PAM Deployment Options and Choosing Between SaaS and On-Premise Solutions

May 16, 2024
Elevating Privileged Access Management with Kron PAM and Microsoft Entra ID Integration

Elevating Privileged Access Management with Kron PAM and Microsoft Entra ID Integration

May 23, 2024
Enhancing Security with Kron PAM's Multitenancy: A Game-Changer for Large Organizations

Enhancing Security with Kron PAM's Multitenancy: A Game-Changer for Large Organizations

Jun 10, 2024
Safeguarding Your Business from Misuse of AI with Kron PAM

Safeguarding Your Business from Misuse of AI with Kron PAM

Jun 24, 2024

Other Blogs

Blog
5 Tips to Prevent Data Breach at Your Company

5 Tips to Prevent a Data Breach at Your Company

Jan 10, 2021 Read More

Blog
The Way to Avoid Insider Risks: Empathy

The Way to Avoid Insider Risks: Empathy

Nov 29, 2022 Read More

Blog
Gartner's 8 Cybersecurity Predictions for 2023-2025

Gartner's 8 Cybersecurity Predictions for 2023-2025

Feb 13, 2022 Read More

Blog
How to Protect Against Credential Theft with PAM

How to Protect Against Credential Theft with PAM

Jun 20, 2023 Read More

Blog
Enhancing Security with Kron PAM's Multitenancy: A Game-Changer for Large Organizations

Enhancing Security with Kron PAM's Multitenancy: A Game-Changer for Large Organizations

Jun 10, 2024 Read More

Blog
Meet the Krontech Team at the IDC Security Roadshow in Almaty on May 17th, The Ritz Carlton Almaty Hotel

Meet the Krontech Team at the IDC Security Roadshow in Almaty on May 17th, The Ritz Carlton Almaty Hotel

May 17, 2018 Read More

Contact Us

Contact us to learn more about Kron Technologies' telecom and cybersecurity products.