Within Information Technology, substantial attention is paid to security in the form of endpoint and network level security. But what about threats from the inside?
In a recent report from Crowd Research Partners, 90% of organizations feel vulnerable to insider attacks. Key risk factors include excessive privileges, increasing complexity of information technology, and an increasing number of devices with access to sensitive data.
Popular technologies to mitigate insider threats include Data Loss Prevention (DLP), Identity and Access Management solutions (IAM), and encryption. Also, in order to better detect active insider threats, it is becoming more common to deploy Intrusion Detection and Prevention Systems (IDPS), and log management and Security Information and Event Management (SIEM). The vast majority of surveyed organizations either already have or are building an insider threat program.
To an organization, it makes no difference whether a threat is inside or outside your network, a threat is a threat, and data loss is data loss. Sensitive data needs to be protected, whoever accesses it. What distinguishes an insider threat is the fact that they are already inside the network, having bypassed your perimeter security. An attack from inside is substantially harder to detect, and the results can be all the more damaging.
Does your Disaster Recovery Plan include language to address the insider threat? From a defensive standpoint, all data needs to be protected, no matter who has access to it. Contact us today for assistance.
Read the full report here.