Gurucul, a leader in behavior based
security and fraud analytics technology, today announced the results of
a survey on insider threats conducted at the recent RSA Conference.
Almost 75% of the more than 650 international IT professionals canvased
said they are vulnerable to insider threats, and ranked user error (39%)
and malicious insiders (35%) ahead of account compromise (26%) as their
leading concern. Small enterprises reported being least vulnerable,
while manufacturing companies led all sectors for being exceedingly
vulnerable. Meanwhile, nearly half of respondents said they can’t detect
insider threats before data has left the organization.
“Insider threats have emerged as the leading concern for companies of
all sizes because they are so difficult to detect and have the potential
to inflict the greatest damage to an organization,” said Saryu Nayyar,
CEO of Gurucul. “This explains why more than 60% of the companies
surveyed are focused on detection and prevention.”
Highlights of the Report
At the RSA Conference 2019, Gurucul
conducted an Insider Threat Survey of 671 international IT
professionals, which spanned small (less than 2,500), medium
(2,501-10,000) and large (more than 10,000) organizations in a range of
industries. Some of the highlights include:
-
72% of respondents said they were somewhat or exceedingly vulnerable
to insider threats, while 18% said they were not vulnerable and 10%
did not know -
The manufacturing sector is the most vulnerable to insider threats
with 16% reporting they were exceedingly vulnerable, followed by
healthcare at 10% -
The leading insider threat was cited as user error (39%), followed by
malicious insiders (35%) and account compromise (26%) -
This varies by industry with technology sector respondents reporting
that malicious insiders are their top concern, with retail citing user
error and financial services & healthcare said it was account
compromise -
Top insider threats are also different depending on company size,
small (user error), medium (user error & malicious insider) and large
(malicious insider) -
When it comes to detecting insider threats, 34% of respondents said
they are able to detect threats in real time, 26% before data
exfiltration, 27% after exfiltration and 13% can’t detect insider
threats -
The majority of companies (61%) said they are focusing on detection
and prevention of insider threats, with 39% saying they are focused on
prediction and response -
Most organizations (61%) are monitoring users and devices to detect
insiders threat, while only 39% are monitoring privileged and service
accounts
A full copy of the report is available here: https://go1.gurucul.com/Insider-Threat-Survey.
About Gurucul
Gurucul is a global cyber security company
that is changing the way organizations protect their most valuable
assets, data and information from insider and external threats both in
the cloud and on premises. Gurucul’s real-time behavior based security
analytics and intelligence technology combines machine learning behavior
profiling with predictive risk-scoring algorithms to predict, detect and
prevent breaches, fraud and insider threats. Gurucul technology is used
by Global 1000 companies and government agencies to fight cyber fraud,
IP theft and account compromise. The company is based in Los Angeles. To
learn more, visit https://gurucul.com/
and follow us on LinkedIn
and Twitter.
View source version on businesswire.com: https://www.businesswire.com/news/home/20190411005038/en/