Posted in Insider Threat Management

Insider Threat Level May 2019: Data-Driven Decisions Edition

Reading Time: 2 minutes

If you love cold, hard data as much as we do, then this month’s Insider Threat Level will be right up your alley. With three new reports released that illuminate the current state of insider threats, we can guarantee there will be some surprising nuggets and useful data points for building your insider threat strategy. Get this month’s top stories below.

The Verizon DBIR 2019: Unveiled

(Source: Verizon)

Verizon’s 2019 Insider Threat Report is live, and the well-known analysis this year illuminates the extent to which the C-Suite has become a popular target for social engineering attacks. The report found that top-level execs are 12 times more likely to be the target of social incidents and nine times more likely to be targeted by social breaches.

A callback to our February Insider Threat Level, it was revealed this month that the number of breaches in the Public Administration sector jumped in 2018. Nation-states running cyber-espionage campaigns regularly hack their way into public networks. This makes the public sector the most-targeted of all industries for 2018.

These realities, alongside the continued popularity of web-based email attacks, ransomware, and espionage, are helpful data points to establish where the security landscape stands today. Organizations developing their insider threat strategies would do well to consider data like this, which is sourced from a wide variety of proprietary and public information sources to paint the clearest possible picture of today’s threat landscape.  

Healthcare’s Biggest Threat? It’s Not Ransomware

(Source: Infosecurity Magazine)

While ransomware attacks have gotten quite a bit of press coverage for their impact on the healthcare sector, it turns out this is no longer healthcare’s top security threat. A new Vectra study found that internal human error and misuse are far more common occurrences than hacking, including ransomware. The high margin of error is due in part to mismanaged devices, as well as lateral movement of device-to-device communications. Healthcare organizations who are seeking to improve their security and mitigate risks and financial fallout should pay close attention to their own internal practices—above and beyond focusing on how to prevent external attacks.

Security Protocols and Employee Training: Where Organizations Must Focus

(Source: Help Net Security)

ObserveIT recently conducted a global survey of 600 IT leaders across various industries. The report found that many employers need to work on developing clear, comprehensive cybersecurity protocols and investing more in employee training programs and monitoring tools to verify safe user activity. Most organizations want to believe they can trust their employees. But it’s time to take a “trust but verify” approach to internal employee actions. The risk is simply not worth it, and technology has come a long way in being able to identify and mitigate insider attacks.