Infographic: The Insider Threatscape in 2018

A look at how cyberthreats have been impacting enterprises, and how those companies plan to stop them in the new year

cyber thief insider threat repor

Here’s a pair of unsettling cybersecurity statistics. Half of all companies have experienced an insider attack in the past 12 months. Meanwhile. a whopping 90% of organizations say they are vulnerable to insider threats.

These two findings come from the 2018 Insider Threat Report, co-sponsored by Interset. In the study, a majority of enterprises surveyed say that they’re most concerned about the risks associated with the actions of regular employees (both malicious and negligent), privileged IT users, and contract workers. This underscores their desire for better enterprise-wide risk visibility to catch, in particular, threats such as inside jobs and malware infections—both of which tend to hide in the network.

To confront these threats, most companies use intrusion detection and prevention systems, log management tools, and/or Security Information and Event Management (SIEM) systems. But the success of those tools are mixed, to say the least: 43% of organizations say they still lack suitable security technology. So that’s the bad news.

What is promising, however, is that enterprises, realizing that rules and thresholds are failing them, have significant desires to find analytics solutions that will observe behaviors. In the report, a majority of companies expressed a need to better monitor and profile how insiders are accessing sensitive information. They also want to leverage wide swaths of company data to achieve that visibility. In the ideal scenario, this involves processing enterprise data to spot behavioral anomalies on the entity level (i.e. not just users, but also devices, files, applications, servers—and how all those entities interact with one another).

The latter is crucial to pinpointing insider threats, which are notoriously hard to spot but will surface through unsupervised machine learning. Businesses are evolving towards precision-oriented AI solutions that integrate security analytics with intel from existing security investments. The human-machine teaming that results not only relieves security teams of false alerts, but spikes their efficiency by giving them a shortlist of validated threat leads.

Below, a recap of the 2018 Insider Threat Report, in infographic form.

click for larger view