A majority of organizations continue to struggle with insider threat detection and management – largely due to outdated systems, immature programs, and insufficient investments.
Research from Dtex Systems says that of professionals surveyed, 62 percent report that insider threat detection has become more difficult in the last two years, despite exponential increases in the number of insider-related incidents and mindshare dedicated to insider risks. The report highlights several factors responsible for the growing number of complexities and challenges being faced, including:
- Ineffective Solutions: More than 60 percent of respondents identify significant weaknesses with popular insider threat solutions such as Data Loss Prevention (DLP), User Endpoint Behavior Analytics (UEBA), and Employee Monitoring systems.
- Lack of Data Quality: Two in three organizations (66%) report a struggle with turning volumes of security activity and event data being collected into intelligent, actionable insights.
- Insufficient Investments: Seven in 10 organizations (71%) currently dedicate 10 percent or less of their total security budget to insider threat strategies and programs. Nearly half of the organizations surveyed (49%) spend six percent or less on insider threats.
- Privacy Concerns: With heightened concerns and new regulation surrounding employee privacy, 24 percent of respondents report a struggle when it comes to balancing privacy requirements with organizational security needs.
"This research uncovers consistent mismanagement of insider threat programs, greatly increasing cyber-risk. It's time for security, risk, and technology leaders to rethink their haphazard insider threat strategies and adopt a more comprehensive approach," said Jon Oltsik, ESG Senior Principal Analyst and ESG Fellow. "Organizations should increase investments in insider threat programs, and focus that spend on advanced, purpose-built solutions that are capable of effectively identifying and managing modern insider threats in an accurate and timely fashion."
"ESG's research validates the simple truth that despite billions of dollars being spent on enterprise security, a disproportionate amount of that money is spent on strengthening external threat defenses versus insider threat defenses – even with the overwhelming amount of data that shows insider threats are equally as, if not more, damaging," said Katie Burnell, Global Insider Threat Specialist at Dtex Systems. "Building a truly comprehensive, effective insider threat management program requires that organizations recognize, and prioritize, the need for a strong foundation of complete visibility and quality user activity data."
The full report, "Insider Threat Program Realities," is available for download here.