Vormetric's Insider Threat Report Reveals Mismatch between US Security Fears and Spending Report Highlights Contrasts Between American and European Security Priorities, Reactions and Future Plans
SAN JOSE, Calif., April 3, 2014 /PRNewswire/ -- Vormetric, the leader in enterprise data security for physical, virtual and cloud environments, today announced the results from its latest Insider Threat Report, conducted in conjunction with Ovum. Insider threats today have shifted to include both traditional insiders with access to critical data as part of their work, as well as privileged users and attacks that seek to compromise credentials to gain access to data such as Advanced Persistent Threats (APTs). Focused on enterprises, the report details concerns, the status of protection today, and organizations plans to offset insider threats as well as highlighting the responses of European organizations against their US counterparts.
The report reveals key insights into how both European and US organizations prioritize cloud security, data accessibility, privacy violations and compliance requirements as well as strong differences in approach and attitude to the problem. Contrasts between European and US organizations include:
- Three percent of US organizations felt safe versus nine percent in Europe and 47 percent felt vulnerable versus 25 percent Europe
- But US organizations were less prepared to spend money to address the problem, with 66 percent of European organizations planning to increase budgets to offset the threat versus 54 percent in the US – And with both sides admitting that compliance is the primary driver for these spending increases.
- European organizations seem to have some reason to feel more secure – Nearly half of European respondents constantly monitor access to sensitive information, compared to only 29 percent of US enterprises
- 39 percent of European businesses are concerned with abuse of access rights to their data, compared to 63 percent of US respondents six months ago.
"As large-scale breaches, APTs, and Snowden-related discussions dominate the news cycle, it is clear that insider threats are among the most prominent IT security issues facing organizations today, a feeling which is reflected within the findings of our report," said Andrew Kellett, lead analyst for the Ovum IT Security team. "From the data, it's clear that organizations are also struggling with new technologies like cloud, mobile and big data as they seek to protect themselves from insider threats."
"CSOs and enterprises are struggling today to cope with the massive increase in risks from insider threats that include both traditional insiders and privileged users as well as outside attacks that compromise their credentials in order to steal critical data," notes Robert Rodriguez, Chairman and Founder of Security Innovations Network (SINET)."Comparisons of European and US organizations within the report show Europeans feeling more secure, but that all need to rethink the mix of their investments in security controls, and focus more strongly on protecting data."
"Enterprises grow their use of cloud computing to take advantage of the business flexibility and financial advantages it brings," said Daniele Catteddu, Managing Director EMEA for Cloud Security Alliance. "The research shows that they feel that there are additional security risks from this growth, and details how cloud providers can enhance their offerings to better meet enterprise security needs for offsetting insider threats."
The report also confirms that both US and European organizations are finding detection of insider threats more difficult than previous years (at a rate of 47 percent for the US, 54 percent internationally), and that cloud and big data bring with them a host of additional insider related security concerns. Top-of-mind concerns for cloud include; lack of visibility into infrastructure (49 percent), potential for unauthorized access to data (46 percent) and lack of control over where data is held (44 percent). And for big data; the security of reports at 54 percent, possibility of privacy violations (49 percent) and lack of security and compliance controls (46 percent).
"Securing access to sensitive data, from traditional insiders, privileged users and outside-in attacks like APTs, is a clear concern to the future of organizations" said Alan Kessler, CEO for Vormetric. "The report clearly shows growing awareness of insider threats, but it also outlines that organizations have not yet adjusted their security posture to offset them. Rapid growth in the volume of sensitive information, combined with new technologies such as Cloud and Big Data enhance the difficulty and make traditional end point protections and network perimeter security less relevant every day. To defend themselves, organizations must take a data centric approach, implementing encryption and access controls to limit exposure, and monitoring data access to identify inappropriate user activity"
The survey results and research report are available from Vormetric. You can find the results here.
Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, virtual and cloud environments. Vormetric helps over 1300 customers, including 17 of the Fortune 25 and many of the world's most security conscious government organizations, to meet compliance requirements and protect what matters —their sensitive data —from both internal and external threats. The company's scalable solution protects any file, any database and any application — within enterprise data center, cloud, big data environments — with a high performance, market-leading Vormetric Data Security Platform that incorporates application transparent encryption, access controls and security intelligence. Vormetric – because data can't defend itself.
Vormetric is a trademark of Vormetric, Inc