It is scary enough to think about all the bad things that wander outside our own houses. And our organizations have invested heavily to protect ourselves from these outsiders. Everyone—from the CEO, to the CFO, to the CIO and CISO, to the board of directors, wants to know what we are doing about them.

But what lurks within our “houses” should be just—if not more so—disconcerting. Indeed, the sad reality is that a large percentage of exposed data, vulnerabilities, and compromised systems occur as a result of insiders. And even though many of us take steps to address insider threats, data suggests efforts are inadequate and despite these efforts, our organizations remain at serious risk of insider threats.

Recognizing the need to raise awareness around insider threats, we commissioned Cybersecurity Insiders to conduct a survey of their security community on the topic. The resulting report, which was just released, sheds light on trends and challenges around insider threats, what organizations are doing to address the risks, and evaluates the current state of maturity around insider threat solutions.

For members of the FUSE Community, our upcoming webinar expert panel discussion on the report’s findings should be of interest (“The Dangers Lurking Right Below the Surface with Insider Threats”). Roll up your sleeves and get ready to dive into the details with our panel experts; you will have an opportunity to ask questions.

Though the report is packed with other insights, following are my top four takeaways: 

1. Insider Threat Problem Is Real and Growing
   Nearly 7 in 10 IT and security leaders report increased insider attacks this year. Two-thirds experienced at least one insider attack in the last 12 months, and 61% suffered outages as a result. Their top fear is the vulnerability of customer data, with over 60% in agreement. This makes a lot of sense considering the penalties that can be doled out for breaches of customer data—from the European Union’s General Data Protection Regulation (GDPR) to the Payment Card Industry Data Security Standard (PCI DSS). Putting aside the financial repercussions, the damage to brand reputation can prove even more catastrophic.
2. Detection Is Getting Harder
   Because insiders often have elevated access privileges to sensitive information, most organizations have increasing difficulty detecting malicious activity (60%). Combined with more data leaving the traditional network perimeter (48%) and the proliferation of data-sharing apps (47%), the conditions for successful insider attacks are becoming harder to detect. Figuring out how to detect and prevent these from occurring is one of the hardball questions we will be asking our panel.
3. Detection Is Exacerbated by the Cloud
   A majority of 56% believe that migrating to the cloud compounds the detection problem. While the report is silent on the reasons, the expanded attack surface and the sharing of security responsibility with the cloud services vendor are plausible explanations. With most of our organizations rapidly adopting cloud applications and services, we must ensure that traditional insider threat protections scale and extend into these multi-cloud environments.
4. Cybersecurity Awareness Training Is Not the End-all Solution
   In general, organizations understand the value of training as a preventative measure: 78% provide security training to employees as part of their insider risk management programs. However, 56% of security leaders report that lack of training and expertise represents the biggest barrier to better insider threat management. These findings suggest that security leaders would do well to reevaluate the effectiveness of their cybersecurity awareness training programs. Further, organizations that base the bulk of their insider threat capabilities on their cybersecurity awareness training programs are likely at a higher risk than they believe is the case.

These observations are just some of the insights that you will find in the 2019 Insider Threat Report, as well as some of the topics that our panel of experts will be covering. I look forward to seeing you on the webinar in a few weeks.

Have questions?  Start a discussion here.