68% of Firms, Moderate to Extremely Vulnerable To Internal Threats
With malware infestation, data breaches allegedly caused by state-funded actors and phishing attacks becoming headlines in both mainstream media and tech news sites, it is still not the main cause of concern for IT professionals. In a recent survey of IT professionals, 73% of the respondents believe that the main cause for concern is attacks made inside the systems itself, either due to human error or deliberate insider attacks by staff. User account control and strict auditing are two defense against misbehaving users, as the system itself restricts their potential actions that can be performed. However, there will always be firms that will not be able to meet a reasonable level of confidence when it comes to their corporate user account control policies.
The survey was conducted by Bitglass, which styles itself as a global cloud access security broker, they strongly recommend that firms start to get serious about their corporate access control policies. “Insider attacks are harder to identify and remediate than those that originate from outside the enterprise. This is caused by a number of factors highlighted throughout the report, including insufficient authentication, inadequate user behavior monitoring in the cloud, and a failure to properly secure personal devices. If organizations want to prevent insider attacks, they have to address these security gaps,” explained Rich Campagna, CMO of BitGlass.
The problem in the nutshell is IT professionals working in a huge organization are usually not the head honcho, they remain as considered as a cost center for a company. Unless the organization has a strong principle with funding credible cybersecurity policies, through the leadership of a CISO (Chief Information Security Officer) guiding the company towards a secure future.
Without strong leadership from a CISO, around 41% of respondents admitted they don’t have the tools to perform the monitoring of their own network, let alone monitor cloud activities of anyone inside the organization. With only 12% of them able and capable of detecting threats due to BYOD-based smartphones.
As more and more organizations move their applications to the cloud for cheaper maintenance, as the cost of maintenance was offloaded off corporate servers to the service providers. However, the workflow of their employees may not be aligned with the migration, which means that bad habits when using desktop applications get applied the same when the app becomes a cloud-based one. The biggest reason behind it is about only 50% of the respondents confessed that they train their employees to handle issues when it comes to vulnerabilities exposed by their contacts. They do not know how to handle potentially phishing calls, emails and instant messaging, and only 31% of the respondents have a second-factor authentication to even defend against user login credential loses.
“41% of respondents said that their organizations do not monitor for abnormal user behavior across their cloud footprints. 56% percent of respondents claimed that their organizations can detect insider threats within the day that they occur; 50 percent said that they can recover from an insider attack within the same time period,” said in the report.
Kevin Jones949 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.