Research: 61% of companies have suffered an insider attack in last 12 months
61% of companies have reported at least one insider attack within the last year, and 22% of these companies have suffered at least six separate attacks during the same period, according to new research from Bitglass.
It comes as rapid migration to cloud and remote working and BYOD scenarios leave organisations increasingly vulnerable to insider attacks as a result of the upheaval caused by the COVID-19 pandemic.
The research comes from Bitglass' recently released 2020 Insider Threat Report, which surveyed IT professionals around the world around navigating the tightrope between budgetary considerations and data protection concerns.
Securing against insider threats has become one of the most challenging security concerns for companies, with most organisations being unable to guarantee that they can detect insider threats stemming from personal devices (82%) or the cloud (50%). A further 81% find it difficult to assess the impact of insider attacks.
The common practice of having multiple disjointed tools decreases the chances of speedy detection, according to the research. Having different tools with disparate levels of protection, security professionals spend an excessive amount of time managing each of the solutions individually.
As such, 49% of respondents stated that at least one week typically goes by before insider attacks are detected; additionally, 44% said that another week usually passes before the organisation recovers from the attacks.
The growing threat of insider attack is exacerbating budgets that were already constrained before the pandemic, and security teams are increasingly being asked to do even more with less – 73% of companies' security budgets are decreasing or staying flat over the next year.
"Enterprises report that loss of critical data and disruption to business operations are the biggest repercussions of insider attacks," says Bitglass chief technology officer Anurag Kahol.
"Along with brand damage, remediation costs, legal liabilities, and loss of revenue, these are serious ramifications that must be prevented.
"Enterprises need a multi-faceted security platform that is designed to monitor user behaviour, secure personal devices, deliver maximum uptime and cost savings, and prevent leakage on any interaction.
"Only then can they defend against insider threats.
The Bitglass report comes days after the company announced it had won a US patent for its SAML relay that helps to provide more transparency and real-time access control of cloud services.
SAML, which stands for security assertion markup language, has become popular in recent years as security vendors as an open standard for authentication and authorisation.
Bitglass designed its SAML relay to allow a cloud access security broker (CASB) to be inserted into the traffic flow between users and cloud services during the login process, all in a transparent manner.
Bitglass CEO Nat Kausik says, "This patent is further recognition that Bitglass is the architect of SAML relay and reverse proxy technology that all CASB vendors have imitated.
"For organisations that need transparent cloud security, the Bitglass CASB remains the solution of choice. Today, it is a core component of our SASE offering, along with our SmartEdge Secure Web Gateway and our zero trust network access.