Companies Are Equally Worried About Accidental and Malicious Insider Threats, Veriato Co-Sponsored Survey Shows

2018 Insider Threat Report also reveals respondents feel insiders can be just as damaging as outsiders, yet they aren’t implementing the right tools to prevent and detect insider breaches

PALM BEACH GARDENS, Fla.--()--Companies are just as worried about accidental and malicious insider threats, according to the 2018 Insider Threat Report, sponsored by user and entity behavior analytics and activity monitoring company Veriato and nine other companies and conducted by Crowd Research Partners.

Of the 472 cybersecurity professionals surveyed, 51 percent said they were most concerned about accidental and unintentional insider threats, while 47 percent of respondents said they were concerned about malicious attacks from inside. Respondents are also equally worried about external attacks (34 percent), accidental breaches (30 percent) or deliberate insider attacks (36 percent). Forty-four percent believe any of these types of attacks can be equally damaging.

“This study confirms what we've been saying for years, that insider threats are just as important to detect as external attacks,” said Larry Thompson, president, Veriato. “Organizations are starting to notice that trusted employees can inflict at least as much damage as any external breach can, regardless of whether they breach is accidental or deliberate. Now that they've recognized the problem, they need to start putting in the right detection measures—and quickly."

While companies are implementing some prevention and detection measures, respondents still feel vulnerable, with 90 percent saying they have at least some vulnerability to insider threats.

Companies are implementing numerous deterrence solutions, such as data loss prevention (60 percent), encryption (60 percent), identity and access management (56 percent), and endpoint and mobile security (50 percent). They are also using detection controls such as intrusion detection and prevention (63 percent), log management (62 percent), security information and event management (51 percent), predictive analytics (40 percent), and user and entity behavior analytics (UEBA) (39 percent). Use of UEBA has more than doubled compared to last year’s report. Veriato reports bookings from its UEBA solution, Veriato Recon, are outpacing the growth the survey highlights.

“To be effective, a robust insider threat program needs to focus on data, device and user,” Thompson said. “According to the study, many companies are relying heavily on DLP solutions to protect themselves from insider threats. While DLP has a role to play, it isn’t enough—and boards need to ensure their companies address what’s missing within their companies’ programs. UEBA and User Activity Monitoring help complete the picture.”

The 2018 Insider Threat Report, commissioned by Cybersecurity Insiders, provides deep insights into the current state of insider threats and how organizations are responding to protect themselves. For a copy of the entire report, visit here.

About Veriato

Veriato is an innovator in actionable user and entity behavior analytics and a global leader in user activity monitoring. More than 40,000 companies, schools, and government entities worldwide utilize Veriato to gain insight into the user activity on their networks and benefit from the security and productivity increases that come with it. Veriato’s product line includes the world’s leading employee investigation tool (Veriato Investigator), award-winning User and Entity Behavior Analytics (Veriato Recon), User Activity Monitoring (Veriato 360), and Ransomware defense (Veriato RansomSafe). For more information, visit the company’s website at www.veriato.com.

Contacts

SnappConner PR
Mark Fredrickson, 801-806-0161
mark@snappconner.com

Release Summary

Companies are just as worried about accidental and malicious insider threats, according to the 2018 Insider Threat Report, co-sponsored by Veriato.

Contacts

SnappConner PR
Mark Fredrickson, 801-806-0161
mark@snappconner.com