News
New Study: Data Theft Rising Sharply, Insider Threats Cited as Leading Cause
August 2016 by Ponemon Institute and Varonis Systems, Inc.
Three out of every four organisations have been hit
by the loss or theft of important data over the past two years, a sharp increase
since 2014, according to a new survey of more than 3,000 employees and IT
practitioners across the U.S. and Europe. The report, released today, was conducted
by the Ponemon Institute and sponsored by Varonis Systems, Inc., a
provider of software solutions that protect data from insider threats and
cyberattacks.
The rise in data loss and theft, according to the survey, is due in large part to
compromises in insider accounts that are exacerbated by far wider employee and
third-party access to sensitive information than is necessary, and by the continued
failure to monitor access and activity around email and file systems – where most
confidential and sensitive data moves and lives.
The survey report, “Closing Security Gaps to Protect Corporate Data: A Study of
U.S. and European Organisations,” resulted from interviews conducted in April and
May, 2016, with 3,027 employees in the United States, United Kingdom, France, and
Germany. Respondents included 1,371 end users and 1,656 IT and IT security
professionals, in organisations ranging in size from dozens to tens of thousands of
employees from a variety of industries including financial services, public sector,
health care and life sciences, retail, industrial, and technology and software.
Among the key findings:
Seventy-six percent of IT practitioners say their organisation experienced the loss
or theft of company data over the past two years. This is a significant increase
from 67 percent of IT respondents who gave the same response in the 2014 study
conducted by Ponemon for Varonis.
IT respondents say insider negligence is more than twice as likely to cause the
compromise of insider accounts as any other culprits, including external attackers,
malicious employees or contractors.
Seventy-eight percent of IT people are very concerned about ransomware, a type of
malicious software that that blocks access to files until a sum of money is paid.
Fifteen percent of organisations have experienced ransomware and barely half of
those detected the attack in the first 24 hours.
Eighty-eight percent of end users say their jobs require them to access and use
proprietary information such as customer data, contact lists, employee records,
financial reports, confidential business documents, or other sensitive information
assets. This is sharply higher than the 76 percent recorded in the 2014 study.
Sixty-two percent of end users say they have access to company data they probably
shouldn’t see.
Only 29 percent of IT respondents report that their organisations enforce a strict
least-privilege model to ensure insiders have access to company data on a
need-to-know basis.
Only 25 percent of organisations monitor all employee and third-party email and file
activity, while 38 percent do not monitor any file and email activity.
Thirty-five percent of organisations have no searchable records of file system
activity, leaving them unable to determine, among other things, which files have
been encrypted by ransomware.
Dr. Larry Ponemon, Chairman and Founder of Ponemon Institute, a leading research
center dedicated to privacy, data protection and information security policy,
observed, "Despite all the technology available and the spike in highly publicised
attacks, data breaches continue to rise. The most valuable data featured in most
breaches is unstructured data such as emails and documents. When emails and files
are surfaced, they tend to cause scandal, forcing the breach to have a lasting
effect on the company’s reputation. This survey raises key points as to why
hackers are able to maximise impact – too many employees have too much access,
beyond what they need to do their jobs. On top of this, when employees access
valuable data and their activity is not tracked or audited, it becomes far too easy
for an external hacker or a rogue insider to get away unnoticed.”
Yaki Faitelson, Co-Founder and CEO of Varonis, said, “Right now we’re in a
technology arms race with hackers and insider threats. Unnecessarily excessive
internal access combined with a lack of monitoring and auditing sets organisations
up for disaster. Sony Pictures, the Panama Papers and the recent Democratic National
Committee intrusions all concerned the theft of files and emails that were not
protected well enough from insider threats or outside attackers that compromised
insider credentials, causing major damage to those organisations and their
reputations. These new findings, alongside the fallout from those breaches, should
keep executives awake at night. What will be the straw that makes businesses focus
their efforts on protecting their precious information assets? Varonis is helping
thousands of organisations around the world address these challenges, prepare for
and stop ransomware and other malicious threats that get inside and impersonate
insiders.”
