Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

12:35 PM
Dark Reading
Dark Reading
Products and Releases

73 Percent Of Organizations Fail To Block Privileged User Access To Sensitive Data

Results show that the primary concerns for IT decision makers are around cloud security and insider threats

SAN JOSE, Calif. – October 7, 2013 – Vormetric, a leader in enterprise data security for physical, virtual and cloud security, today announced the results from its Insider Threat Report, conducted in conjunction with Enterprise Strategy Group. The study surveyed more than 700 IT security decision-makers. It was created with the goal of providing timely, relevant information about issues surrounding Insider Threats and Privileged Users. With a focus primarily on large enterprise organizations, the study indicates that there are major gaps between existing security processes and the technologies currently in place to address insider threats. For example, only 27% of respondents block privileged user access to data, a proven method of mitigating insider attacks, while 66% of respondents use perimeter focused network intrusion detection and prevention tools to identify and prevent insider threats although it is well understood that these tools weren't designed for insider threat detection but to protect from external threats.

Click to Tweet: New Research: @Vormetric Insider Threat Report highlights only 27% block privilege user access to data #datasecurity: http://bit.ly/195Ca6T

"The data is clear – IT decision-makers are concerned about insider threats and data breaches, but tend to rely on perimeter and network security focused tools today, rather than securing the data at its source," said Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group. "What this research highlights is that large organizations need a data-centric security strategy. Insider attacks are increasingly difficult to prevent and detect, and the research findings reveal the need for a change in approach."

The more forward looking and sophisticated organizations were using technology approaches that are proven protections against malicious insiders, or malware attacks that compromise insider credentials such as APTs, but were in the minority:

Only 40% are monitoring privileged user activities, with just 27% blocking privileged user access.

· Nearly half (48 percent) of organizations only review sensitive data access monthly and a startling 76% admit to not being proficient at detecting anomalous data access behavior in real-time.

Yet the results also show that many enterprises still focus protections toward the legacy perimeter approach.

· Network traffic monitoring is the most-used tool to identify and prevent data breaches (56 percent)

· Laptops and desktops are believed to be the biggest threat (49 percent).

· Two thirds (66 percent) use or intend to use Intrusion Detection/Prevention Systems (IDP/IPS) to supplement network traffic monitoring and detect and prevent insider attacks.

However, attitudes and protection plans are changing, with 45% of organizations reporting that Edward Snowden has caused them to be more aware of insider threats and over half (53 percent) are increasing their security budgets to offset the problem in the next year. Many of those investments will go into additional protections for data, with 78% either already using or planning to use data encryption and an additional 70% already using or planning to use data access controls.

"It's clear that organizations of all kinds are concerned with securing access to sensitive data," said Alan Kessler, CEO for Vormetric. "While many of the respondents are using more of the right security technologies and tools to help reduce their attack surface, a much larger group is falling short in taking the additional step to protect from insider threats and thwart attacks such as APTs that steal insider credentials."

The survey results and research report are available from Vormetric and Enterprise Strategy Group. You can find the results here.

About Vormetric

Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, virtual and cloud environments. Data is the new currency and Vormetric helps over 1200 customers, including 17 of the Fortune 25 and many of the world's most security conscious government organizations, to meet compliance requirements and protect what matters -- their sensitive data -- from both internal and external threats. The company's scalable solution suite protects any file, any database and any application -- anywhere it resides -- with a high performance, market-leading data firewall that incorporates application transparent encryption, privileged user access controls, automation and security intelligence.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Peter Fretty
Peter Fretty,
User Rank: Moderator
10/24/2013 | 3:38:26 PM
re: 73 Percent Of Organizations Fail To Block Privileged User Access To Sensitive Data
It would be interesting to see what tools these organizations failing to protect their most sensitive data have in place. Governance and granular control are a few of the key benefits of having next generation firewalls and UTM appliances in place (i.e. Sophos). Its amazing how lax organizations are in protecting their assets considering the ever evolving threat landscape including internal attacks.

Peter Fretty
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-15
A XSS Vulnerability in /uploads/dede/action_search.php in DedeCMS V5.7 SP2 allows an authenticated user to execute remote arbitrary code via the keyword parameter.
PUBLISHED: 2021-05-15
DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to to the web manager allowing remote code execution.
PUBLISHED: 2021-05-14
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
PUBLISHED: 2021-05-14
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
PUBLISHED: 2021-05-14
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.