Facing Data Sprawl, Limited Visibility, Organizations Cite Growing Interest In Behavior Analytics to Protect Critical Assets
According to a new survey from Cyberhaven, 51% of organizations lack sufficient data protection strategies to detect and prevent insider threats. As employees shift to remote work, companies are bracing for a surge in both accidental and malicious insider attacks. The survey findings indicate a lack of training, coupled with increased freedom to use new devices and cloud apps, can result in a perfect storm for data exposure.
HR Technology News: Businesses Consider Cybersecurity as an Afterthought Despite Growth in Attacks, EY Survey Finds
The 2020 Insider Threat Report, commissioned by Cyberhaven and conducted by Cybersecurity Insiders, found half of organizations have experienced operational disruption or outages due to insider threats, while 48% have lost critical data. The vast majority of insider attacks target customer data (61%), followed by financial data (54%), and intellectual property (53%).
Powerful Insider Access and Lack of Employee Awareness Create Critical Blind Spots
60% of cybersecurity professionals believe detecting and preventing insider attacks is more difficult than external attacks. It becomes even more difficult as a growing number of employees are given legitimate, credentialed access to networks and services (61%). Without visibility into the movement of sensitive data across their networks, organizations can easily overlook threat actors operating in plain sight.
HR Technology News: Mental Health Tech Pioneer XenZone Announces Tim Barker as CEO
Yet most insider threats are not malicious at all, as 58% report a widespread lack of employee awareness and training that leaves organizations vulnerable. Opportunistic attackers understand this, and have ramped up phishing and ransomware attacks during this time of uncertainty.
HR Technology News: Walmart Gets New Chief People Officer