Blog - article

Sorry, this blog post has not been posted yet. Come back and check again later!

Insider threats surge while budgets retreat

By:
Wade Williamson
June 4, 2015

The Information Security Community on LinkedIn recently completed a survey of more than 500 cybersecurity professionals on the topic of insider threats. This report reveals the real-world trends and challenges of combating insider threats from the viewpoint of the security professionals who do it every day.

Let’s take a look at some of these trends and what they may mean for information security.

Insider threats are on the rise, but budgets are not

Security teams have long been asked to do more with less, but this trend is particularly stark in the area of malicious insiders.

The study shows that 62% of respondents saw more insider threats over the past year, but only 34% expect to get more budget to address the problem. Underscoring this problem, 68% feel vulnerable and less than half feel they have appropriate control over insider threats.

Click here to get a copy of the full report.

Given the lack of budget for insider threats, it’s critical that security teams squeeze as much value out of their solutions as possible. This is where Vectra is incredibly valuable.

Focusing on the internal behavior of hosts on the network, Vectra successfully detects both insider threats and externally driven cyber attacks. This makes Vectra far more cost-effective than single-function products that focus only on insider threats.

High degree of difficulty

The LinkedIn survey confirms that insider threats are hard to solve. In fact, 62% said insider threats are harder to detect than externally-driven attacks because trusted insiders already have credentialed access to the network and services.

This exposes a vital point about the overlap between insider threats and cyber attacks. In most cases, cyber attackers want what trusted users already have – network access credentials. In both cases, detecting a threat requires security teams to proactively identify when a host behaves abnormally or in a way that could expose data or assets.

Vectra software tracks the flow of data within a network to proactively identify the acquisition, staging, and stealing of data, regardless of whether it’s driven by an insider or an outsider. More importantly, Vectra does so without the need for signatures or highly complex policies typically found in DLP solutions.

The need to be proactive

As mentioned earlier, most survey respondents said they lacked the appropriate tools to mitigate insider threats, and an analysis of the tools available to them underscores this point.The study found that user training (45%) and background checks (41%) were the most commonly reported controls for combating insider threats. In the end, these wise yet passive precautions won’t help organizations that are faced with live, active insider threats.

‍Once again, it is imperative to proactively identify threats in real-time so security teams can take action before data is lost. Unlike preventive measures that only reduce exposure or analytics platforms that document loss, Vectra automatically analyzes and correlates all traffic in your network to proactively uncover insider threats in real time.

While there’s no silver bullet to stop malicious insiders, the LinkedIn report shows that organizations can do considerably better. The Vectra solution addresses the gap in network security posture, while protecting an organization’s most critical assets.

Click here to review a full copy of the report.

About the author

Wade Williamson

Wade Williamson is a cybersecurity writer, product manager and marketer. Wade held a position as director of product marketing at Vectra with previous experience as a security researcher at Shape Security. Prior to Shape Security, he was a senior security analyst at Palo Alto Networks.

Author profile and blog posts

Most recent blog posts from the same author

Cybersecurity

Bringing attack detections to the data center

September 13, 2016
Read blog post
Breach

The new vulnerability that creates a dangerous watering hole in your network

July 12, 2016
Read blog post
Cybersecurity

Ransomware, encryption and machine learning – Three key takeaways from Infosecurity 2016

June 15, 2016
Read blog post