Top Threat - The Insider
Ninety percent of organizations feel vulnerable to insider attacks. The main enabling risk factors include: too many users with excessive access privileges (37%), an increasing number of devices with access to sensitive data (36%), and the increasing complexity of information technology (35%).
Organizations are shifting their focus to detection of insider threats (64%), followed by deterrence methods (58%), and analysis and post breach forensics (49%). The use of user behavior monitoring is accelerating; 88% of organizations deploy some method of monitoring users.
The most popular technologies to deter insider threats are Data Loss Prevention (DLP), encryption, and identity and access management solutions. To better detect active insider threats, companies deploy Intrusion Detection and Prevention Solutions (IDPS), log management and SIEM platforms.
The vast majority of organizations (86%) already have or are building an insider threat program. Thirty-six percent have a formal program in place to respond to insider attacks, while 50% are focused on developing their program.