Analytics
4/9/2009
05:59 PM
Connect Directly
RSS
E-Mail
50%
50%

Many Enterprises Still Don't Recognize Insider Threat, Studies Say

Small businesses are chief laggards in deploying data leakage protection technology, researchers say

Despite recent headlines and instances of insider attacks, many companies still are not acting to protect themselves from insider threats, according to two new analyst reports.

Forrester Research earlier this week published a study called "Data Security Challenges and Technology Adoption in 2008," which offers a detailed look at enterprises' attitudes about security and the deployment of next-generation security technologies.

Although 88 percent of the respondents said they consider data security a "challenging issue," some 40 percent of respondents said they had no interest in, no plans for, or no knowledge of emerging tools for information leak protection.

While the Forrester study included enterprises of all sizes, a separate study published last week by Redshift Research suggests that small businesses may be the chief laggards in recognizing the insider threat.

The Redshift study, which was conducted on behalf of security software vendor GFI, found that approximately half of small and midsize enterprises are "not that concerned" about the possibility of departing employees taking data with them. Only 22 percent believe that internal security threats are greater than external threats.

"This indifference toward the danger of deliberate data leakage is reflected by only 45 percent having security applications in place to automatically screen or prevent network access via portable USB drives," the Redshift study says. "Even fewer (35 percent) screen network access via PDAs -- making it far too easy for employees to edit, copy, delete, or distribute sensitive data."

Sixty percent of small organizations have no formal policy for regulating access to the network by portable devices, Redshift says. Twenty-one percent of respondents have no ability to track where business-critical data is stored at any point in time, 33 percent cannot track what portable devices have been connected to the network, and 41 percent have no ability to tell what data has been downloaded to these devices, the study says.

"Too much emphasis has historically been placed upon the need for antivirus and antispam applications -- external threats," says Walter Scott, CEO of GFI Software. "This has led to the common belief that with these, your network is secure enough. A secure network depends on many other factors and, unfortunately, the internal threat is far too often being ignored. There is a pervasive indifference toward monitoring the whereabouts of data and its ability to accessed or copied."

The Forrester study takes the opposite view, noting that the majority of companies are deploying data leakage protection (DLP) technology, and that heavily regulated industries -- such as finance, insurance, utilities, and telecommunications -- are taking interest in DLP at an even higher rate. In the Forrester study, the retail/wholesale and manufacturing industries showed the least interest in DLP, but even in those industries, the majority of companies showed some interest.

"The current economic environment means data protection will be the CISO's top priority," Forrester says. "Protecting insider threats will continue to increase in a downturn." Forrester suggests that those companies still ignoring the insider threat will change their attitudes over time.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8243
Published: 2014-11-01
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote a...

CVE-2014-8244
Published: 2014-11-01
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote a...

CVE-2013-0334
Published: 2014-10-31
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source.

CVE-2014-2334
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

CVE-2014-2335
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.