Insider Risk

The data says it’s the data

By Veriato Team

In our last post we discussed four key takeaways from a recent research effort into the scope and nature of the insider threat. In this post, we’ll continue to explore the data …

… and the data says it’s the data you are most concerned about.

63% of survey respondents are most concerned with data leaks stemming from insider attacks. 29% are most concerned with IP Theft, 23% with espionage. Fraud was the only type of insider threat that ranked highly (36%) that was not directly about data getting into the hands of those who should not have it.

What data in particular? Customer data, intellectual property, sensitive financial, and company data (employee information, sales and marketing data, and healthcare related data) were the top types of data most vulnerable to an insider attack.

It’s also unsurprising that privileged users (such as managers with access to sensitive information) were the top choice for the user group that poses the biggest security risk. Often the privileged user term is used to refer to IT Admins and the like, but in this case 41% viewed that group as posing the biggest risk. (Note: there may be some built in bias here, as a lot of the respondents would fall into this group). “Regular” employees came in at 46%, about on a par with contractors and consultants.

Yet with all this concern about data being leaked, breached, or stolen by insiders, only 21% of organizations continuously monitor the behavior of the users on their network. And a significant plurality (48%) rely on server logs to provide visibility into user behavior. Server logs have a place, but when it comes to focused detection of insider attacks, they are simply not sufficient.

In the next and final post in this series, we’ll continue to break down the survey data and take a look at how organizations can begin to sharpen their focus on this problem.

2023 Preparedness Checklist: Ensure Your Workforce Is Productive and Secure

This guide will help you understand where there are opportunities and risks in your workforce, and what you can do to make sure 2023 is as secure and productive as possible with workforce behavior analytics.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Productivity & Insider Risk Resources

Elizabeth Harz RSAC 2023 Interview

Elizabeth Harz RSAC 2023 Interview

Elizabeth Harz, CEO of Veriato, gave an interview to ISMG at this year's RSA Conference in San Francisco. In it, Elizabeth covers the challenges of maintaining data security in the remote or hybrid workforce environment and the rising cost of data breaches. She also...

A More Insightful, Proactive Approach to Employee Monitoring

A More Insightful, Proactive Approach to Employee Monitoring

Also known as “bossware” and even “employee surveillance”, employee monitoring has been placed in the bucket of technologies that companies force on their employees. Whatever you call it, its use is on the rise and it looks like it’s here to stay. As of 2022, 60% of...

Bossware and the Future of Work

Bossware and the Future of Work

Recently, there has been considerable coverage of “bossware” and a focus on draconian types of “surveillance” some companies are using to stay on top of remote and flexible workforces. Articles claim companies are accessing the camera on laptops and tracking every...