Ninety Percent of Organizations Are Vulnerable to Insider Threats According to New Cybersecurity Report

Survey of the Information Security Community Reveals How Organizations Combat Insider Threats

WASHINGTON--()--Crowd Research Partners today released its latest Insider Threat Report, which shows that the vast majority of companies and government agencies are vulnerable to insider threats; about half experienced an insider attack in the last twelve months.

Commissioned by Cybersecurity Insiders, this new insider threat study is based on a comprehensive online survey of 472 cybersecurity professionals, providing deep insights into the current state of insider threats and how organizations are responding to protect themselves.

"Insider threats are often more damaging than attacks from malicious outsiders or malware,” said Holger Schulze, CEO and Founder of Cybersecurity Insiders. “That’s because they are launched by trusted insiders - both malicious insiders and negligent insiders with privileged access to sensitive data and applications.”

Report highlights include:

  • Ninety percent of organizations feel vulnerable to insider attacks. The main enabling risk factors include: too many users with excessive access privileges (37%), an increasing number of devices with access to sensitive data (36%), and the increasing complexity of information technology (35%).
  • A 53% majority have confirmed insider attacks against their organization in the previous 12 months. Twenty-seven percent of organizations say insider attacks have become more frequent.
  • Organizations are shifting their focus to detection of insider threats (64%), followed by deterrence methods (58%), and analysis and post breach forensics (49%). The use of user behavior monitoring is accelerating; 88% of organizations deploy some method of monitoring users.
  • The most popular technologies to deter insider threats are Data Loss Prevention (DLP), encryption, and identity and access management solutions. To better detect active insider threats, companies deploy Intrusion Detection and Prevention Solutions (IDPS), log management and SIEM platforms.
  • The vast majority of organizations (86%) already have or are building an insider threat program. Thirty-six percent have a formal program in place to respond to insider attacks, while 50% are focused on developing their program.

Download the full Insider Threat Report here:

The Insider Threat Report was produced in partnership with leading cybersecurity vendors: CA Technologies, Dashlane, Haystax Technology, HoloNet Security, Interset, Quest, Raytheon, RSA, Securonix, and Veriato.

About Cybersecurity Insiders

Cybersecurity Insiders is an online community of information security professionals to provide a comprehensive, one-stop source for everything related to cybersecurity - connecting people, opportunities, and ideas. Visit

About Crowd Research Partners

Crowd Research Partners creates unique, fact-based thought leadership content that delivers market insight and benchmarks for today’s cybersecurity professionals and vendors. For more information visit


Crowd Research Partners
Nancy Pieretti, 603-682-8616


Crowd Research Partners
Nancy Pieretti, 603-682-8616