New report from Cybersecurity Insiders and Gurucul shows growing risk of insider attacks as they become more frequent and harder to detect, raising concern among security professionals
LOS ANGELES, January 24, 2023–(BUSINESS WIRE)–Gurucul, a leading and innovative provider of solutions in the next-generation SIEM market, and Cybersecurity Insiders, an online community of more than 600,000 members for information security professionals, released their 2023 Annual Insider Threat Report today. Overall, the results indicate that insider threats are a top concern in organizations of all kinds; only 3% of respondents questioned are not concerned by insider risk.
With responses from over 325 cybersecurity professionals, the report explores the latest trends and challenges facing organizations as they strive to adapt to evolving insider threats, and how organizations are preparing better protect critical data and IT infrastructure.
The report found that organizations have never felt more vulnerable, with three-quarters of respondents saying they feel moderately to extremely vulnerable to insider threats, an 8% increase from the previous year. This increase in perceived vulnerability coincides with a significant increase in insider attacks, as 74% of organizations report that attacks have become more frequent (a 6% increase from last year), with 60% experiencing at least one attack and 25% having suffered more than six. attacks.
Organizations also struggle with insider threats in the cloud and often lack the technical capabilities to detect and prevent them. Almost all organizations (87%) rate unified visibility and control across all applications, devices, web destinations, on-premises resources, and infrastructure as moderately to extremely important. However, less than half (48%) monitor unusual behavior in their cloud footprint and on the web. Additionally, more than half of respondents said insider threat detection is more difficult in the cloud and that the availability and performance of tools such as SASE and CASB are critical to success.
“This report highlights some of the most interesting insider threat challenges facing organizations today. While it shows that 86% use some sort of solution to monitor user behavior in some way or on the other hand, it was surprising to see that access logging was the primary method, and only 25% use automated tools to monitor user behavior 24/7,” said Saryu Nayyar, CEO of Gurucul. “The types of monitoring and analysis used to detect insider threats vary greatly from organization to organization. This highlights the need for better tools and processes to analyze data behavior, user behavior, access and movement on a network both internally and externally to detect and prevent insider attacks.
Some additional key statistics from the report include:
Top factors that make timely detection and prevention of insider attacks difficult include trusted insiders who already have authenticated access to applications, networks and services (54%), increased use of SaaS applications which can leaking data (44%) and an increase in the use of personal devices with access to company resources (42%).
Of all potential insiders, cybersecurity pros are most concerned about users and IT administrators with extended access privileges (60%). This is followed by contractors and third-party service providers (57%), regular employees (55%) and privileged business users (53%).
Compromised accounts/machines are the most concerning type of attack at 77%, but inadvertent and negligent data breaches were more concerning than malicious breaches. It’s a good reminder that user errors and accidental policy violations can be just as harmful as malicious errors.
“The threat landscape has changed dramatically over the past year, as organizations recalibrate to new hybrid working models, access to cloud applications increases, and economic uncertainty pushes insider risks to new heights. new levels,” said Holger Schulze, CEO and Founder of Cybersecurity Insiders. “This report is designed to take the pulse of security professionals working in the trenches to mitigate insider threats and give readers a better understanding of the challenges we all face in the industry.”
To download the entire “2023 Insider Threat Report”, click here https://gurucul.com/2023-insider-threat-report.
Gurucul is a global cybersecurity company changing the way organizations protect their most valuable assets, data and information against internal and external threats, both on-premises and in the cloud. Gurucul’s real-time, cloud-native security operations and analytics platform provides customers with next-generation SIEM, Open XDR, UEBA, and Identity and Access Analytics in a unified platform. It combines machine learning behavior profiling with predictive risk scoring algorithms to predict, prevent and detect breaches. Gurucul technology is used by Global 1000 companies and government agencies to combat cybercrime, IP theft, insider threats and account compromise, as well as for log aggregation, compliance and risk-based security orchestration and automation for extensive real-time detection and response. The company is based in Los Angeles. To learn more, visit https://gurucul.com/ and follow us on LinkedIn and Twitter.
See the source version on businesswire.com: https://www.businesswire.com/news/home/20230124005432/en/
Voxus PR for Gurucul