Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Survey: Insider Threats and Cyber Security


Published on

A survey of 310 IT security professionals taken at the Infosecurity Europe trade show by Imperva. The survey found that when it comes to insider threats, over half (58 percent) of the IT security professionals were deeply concerned about careless users who unwittingly put their organization’s data at risk.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Survey: Insider Threats and Cyber Security

  1. 1. The Weakest Link: Insider Threats and Cyber Security A survey of 310 cyber security pros
  2. 2. Threats from insiders, while not as common in breaches as external actors, are still significant and damaging. According to the 2017 Verizon Data Breach Investigations Report (DBIR), insider threats account for 15 percent of breaches and often take months or years to detect.
  3. 3. 56% 22% 22% Very Somewhat Not at all Don’t Know (0%) In Terms of Cyber Security, How Worried Are You About Insider Threats?
  4. 4. Does Your Company Have a Solution in Place to Addresses Insider Threats? 85% Yes 14% No 1% Don’t Know
  5. 5. Which Type of Insider Threats are Most Worrisome? Careless User Insiders who inadvertently put sensitive data at risk 59% Malicious User Insiders whose credentials are stolen, or unknowingly introduce malware into the enterprise 19% Compromised User Insiders who deliberately steal or destroy company assets 22%
  6. 6. What Makes Detecting Insider Threats the Most Difficult? Lack of staff to analyze permissions data on employee access Lack of tools to monitor employee and other insiders' activities More company assets on the network/ cloud More employees, contractors, business partners have access to our network 44% 22% 20% 14%
  7. 7. Regarding Investigating Insider Threats, What is the Most Time-consuming Task? Managing too many security alerts 55% Collecting information from diverse security tools 16% Forensic or incident analysis 15% Tuning security tools 14%
  8. 8. If Machine Learning Solutions Helped to Address Insider Threats, How Much Time Would This Save Weekly?
  9. 9. Regarding Access to Files, How is Permission Granted to Employees? By department 39% By job level 35% By project 26%
  10. 10. Regarding Access to Internal Data and Files, Do you Review User Permissions to Ensure Access is Appropriate for the User’s Job Function? 18% 27% 17% 34% 4% 75-100% of the time 50-75% of the time 25-50% of the time 0-25% of the time Don’t know
  11. 11. “Because users have legitimate access to enterprise data, threats from the inside can be present for long periods of time before finally being detected. What’s more, costs associated with loss of data can run in the millions and lead to customer loss, brand damage and stock price decline.” - Terry Ray, Imperva CTO
  12. 12. “Challenges of Insider Threat Detection” See the Imperva Video Blog: