Insider threats and data leaks chip away at your security stance. Often they occur quietly and when nobody is looking. Then, suddenly, they’re hammering down your office door, tying your IT staff up in knots, causing a spike in helpdesk tickets and getting you in hot water with the execs.
Insider threats put you in a pretty bad place.
But if you want to see things in perspective, watch the Fantastic Four movie coming out next month. Except for the fact that you’re defending your company and they’re defending the entire planet, you’ll have the chance to see how similar their situation is to yours. Really.
We don’t know yet what perils are in store for Marvel’s oldest superhero team — other than that the movie is sure to be Fant4stic — but if you’re an IT manager or director responsible for dealing with insider threats, you can probably guess the plot just by looking at your security landscape.
Insider attacks and data breaches? Sounds like Dr. Doom.
The insider threats and vulnerabilities you spend most of your time fighting – they’re Dr. Doom. Remember the last Fantastic Four movie? It was Victor Von Doom’s space station they used to test the exposure to the cosmic energy cloud, and he was on the inside when they all got exposed.
The super-powers went to his head – “Do you really think fate turned us into gods so we could refuse these gifts?” – and you have to hope that that won’t happen to people in your organization. But whether malicious or accidental, the next security breach will creep up on you, so you have to think a step ahead of it.
Quest co-sponsored this year’s Insider Threat Spotlight Report, and we’re making it available to you at no charge. It includes results from a survey of 500-plus cybersecurity professionals on how their organizations are approaching insider threats. Whether you’re just getting big enough to start worrying about insider attacks and data leaks, or you already have a defensive strategy in place, you’ll find plenty of new ideas in this 36-page report.
What does Dr. Doom look like this year? Respondents believe that the groups posing the biggest security risk now are:
- Privileged users (59%)
- Contractors/consultants and temporary workers (48%)
- Regular employees (46%)
Have a look at page 8 of the report to see who else is on the high-risk list. It’s not saying that these are the people whisking confidential data out of your network, but that’s where your counterparts are focusing their attention.
When you connect your devices to lots of other devices, and have people administering them, insider threats come with the territory. In my next post, I’ll discuss some of the survey results around threat detection.
It’s your job to keep an eye on insider attacks and data breaches, and offering the 2015 Insider Threat Spotlight Report at no cost is one of the ways we can help you. After all, these threats will come back. Just remember how the manifest went haywire at the end of the last movie. Think you’ve seen the last of Dr. Doom?