The Edward Snowden leaks brought insider threats to the forefront of risks and challenges posed to organizations, but more than one year after the exemplary case enterprises still aren't equipped to handle such incidents, according to a recent study.
More than 60 percent of the 355 IT and security professionals polled by security firm Spectorsoft in their “2014 Insider Threat Survey” indicated that they weren't prepared to respond to insider attacks.
The respondents, hailing from small-to-midsized businesses to larger enterprises located in the U.S., Latin America, and Europe, primarily attributed this to both a lack of training (55 percent) as well as budget (51 percent), while 34 percent indicated that the threat wasn't even a priority.
In the survey, 35 percent of respondents said that they had experienced an insider attack, and a large majority, 75 percent, indicated that they don't have the ability to “detail the human behavioral activities of an insider threat,” the study said.
As for the financial impact an organization faces as a result of these threats, 70 percent of respondents shared that an incident cost them less than $50,000 in damages – a stat that left 30 percent of organizations taking a significant hit upwards of that.
Expenses, such as the aforementioned, can ultimately “cost [companies] jobs or the ability to do business,” Rob Williams, chief marketing officer at Spectorsoft, said in an email correspondence with SCMagazine.com.
“Because of the inability to detect an insider threat, 55 percent of incidents took longer than a week to be discovered – a lot of damage can happen in a week,” Williams said.
Those surveyed shared that detecting these threats is the most important aspect when it comes to security, however, they also find it the most challenging.
While breaches caused by insider threats can also be attributed to human error caused by employees without malicious intent, it's users with privileged access that may pose the biggest threat.
If there's one characteristic that organizations have taken away from the Snowden scenario, Williams believes it's the privileged user angle.
“More access means more opportunity to cause greater damage,” he said.