2015 VORMETRIC INSIDER THREAT REPORT

Transcription

1 Research Conducted by Research Analyzed by 2015 VORMETRIC INSIDER THREAT REPORT Trends and Future Directions in Data Security GLOBAL EDITION #2015InsiderThreat EXECUTIVE PERSPECTIVE 1

2 INSIDER THREATS: THE HIDDEN RISKS WITHIN YOUR ORGANIZATION. In the past year, data breaches of all kinds have been widespread. The fallout has been serious and widely publicized. Household names such as Home Depot, JP Morgan, Target, Vodafone, and Sony have suffered breaches and a loss of public trust. To predict future trends in data security and uncover insights into insider threats, Vormetric engaged Harris Poll to perform an online survey and independantly analyze over 800 senior business and IT professionals across Asia, Europe and North America, with global analyst firm Ovum to independently analyze their responses. Here s what we found: 34% 89% are very or extremely vulnerable 92% of respondents believe they are at risk are looking to increase or maintain existing spending on IT security and data protection 2

3 TODAY, COMPANIES MUST PROTECT THEMSELVES AS MUCH FROM COMPROMISED INSIDER CREDENTIALS AS THEY DO FROM TRADITIONAL INSIDER THREATS. In addition to those who normally have access to your network and data ordinary employees, IT staff with privileged access, suppliers, contractors, third-party service providers, and others insider threats also include outsiders who have stolen valid user credentials. THE SPECTRUM OF INSIDER THREATS TRADITIONAL INSIDERS PRIVILEGED USERS HACKERS ACTIVELY TARGETING INSIDER ACCOUNTS CRIMINAL HACKERS CLOUD/SAAS NATION STATES POROUS PERIMETERS BIG DATA THE MOST DANGEROUS INSIDERS HAVE PRIVILEGED ACCESS. All user groups with internal access to business systems should be monitored, and their access should be appropriate and no more than they need to fulfill their specific roles. Currently only 58% of organizations have technology in place that enables them to control privileged users and only 56% monitor and audit privileged user activities. WHERE S THE RISK? HIGHEST VOLUMES OF SENSITIVE DATA 49% DATABASES 39% FILE SERVERS 36% CLOUD While 71% of IT decision makers were worried about mobile device protection, these devices hold only 21% of sensitive data. However, anywhere data is being held, it is important to know and be able to prove who is getting access and what they are doing with that access. 3

4 DATA BREACH PROTECTION HAS REPLACED COMPLIANCE AS THE NUMBER ONE PRIORITY. Over 40% of organizations reported that they had either experienced a data breach or failed a security audit in the last year. Sony, Target, and Vodafone were all compliant at the time they suffered a data breach. PROTECTING CORPORATE DATA REMAINS THE TOP PRIORITY IN CLOUD AND BIG DATA OPERATIONS. Continued growth in cloud and big data has introduced new security concerns due to increased volume of sensitive data, the distributed nature of that data, a lack of control over the data, and the growing number of users who need to access it. This is a new extension of the ongoing balancing act between business efficiency and security. IN THE US, WHICH DATA STORAGE LOCATIONS PUT THE ENTERPRISE AT THE GREATEST RISK FOR LOSS OF SENSITIVE DATA? UNITED STATES 46% CLOUD 31% BIG DATA The combination of encryption, access control and data access monitoring is critical to using and protecting sensitive information in cloud and big data environments. 54% of respondents plan to increase their security spend to deal with insider threats. 4

5 54% OF RESPONDENTS PLAN TO INCREASE THEIR SECURITY SPENDING TO DEAL WITH INSIDER THREATS. The key is to focus available funds on risk-based strategies, including protecting sensitive data, monitoring and reporting on usage, and controlling user access. WHEN IT COMES TO SETTING IT SECURITY SPENDING PRIORITIES, ORGANIZATIONS ARE MOST CONCERNED WITH: DATA BREACH 50% PREVENTING A DATA BREACH INCIDENT 44% PROTECTION OF CRITICAL IP 41% PROTECTION OF FINANCES AND OTHER ASSETS 32% 32% FULFILLING REQUIREMENTS FROM CUSTOMERS, PARTNERS AND PROSPECTS FULFILLING COMPLIANCE REQUIREMENTS AND PASSING AUDITS RECOMMENDATIONS FOR IMPLEMENTING AN INSIDER THREAT STRATEGY: Because point-based security solutions are already failing to detect advanced attacks using employee credentials and data theft by legitimate users, a layered defense combining traditional as well as advanced data protection techniques is the path forward. Data protection initiatives need to follow the data protecting data-at-rest wherever it resides. For most organizations, this will involve protecting data held in both traditional environments (on-premise databases and servers) as well as newer big data applications and data used in public, private and hybrid cloud implementations. Companies should integrate data-at-rest encryption technology that minimizes operational impact and that works with strong access controls and key management for all important data sources. Implementing integrated data monitoring and technologies such as security information and event management (SIEM) systems to identify data usage and unusual and malicious access patterns is critical to maximizing security. To keep the whole organization safe, companies must develop an integrated data security strategy that includes monitoring, relevant access control, and levels of data protection, and leaves security to the CISO, not the boardroom. DATA AT REST PROTECTIONS IN USE TODAY 56% DATABASE/FILE ENCRYPTION 52% DATA ACCESS MONITORING 43% APPLICATION LAYER ENCRYPTION 37% DATA MASKING 26% TOKENIZATION 5

6 Those who wish to steal and destroy data are increasingly sophisticated. The damage done by these adversaries transcends the narrow financial impact of a data breach and has substantial impact to an organization s brand. The data breach, once an issue for the IT and security guys is now a board level issue impacting corporate brand and executive careers. Organizations that focus their security spending on protecting data at the source, implementing data monitoring technologies, and developing an integrated security strategy that includes data-at-rest encryption technologies will have greater success protecting their business. To read the full 2015 Vormetric Insider Threat Report Global Edition, please visit ANALYST PROFILE ANDREW KELLETT, PRINCIPAL ANALYST SOFTWARE IT SOLUTIONS, OVUM Andrew enjoys the challenge of working with state-of-the-art technology. As lead analyst in the Ovum IT security team, he has the opportunity to evaluate, provide opinion, and drive the Ovum security agenda, including its focus on the latest security trends. He is responsible for research on the key technologies used to protect public and private sector organizations, their operational systems, and their users. The role provides a balanced opportunity to promote the need for good business protection and, at the same time, to research the latest threat approaches. Andrew Kellett Principal Analyst Software IT Solutions, Ovum 6

7 HARRIS POLL SOURCE/METHODOLOGY Vormetric s 2015 Insider Threat Report was conducted online by Harris Poll on behalf of Vormetric from September 22-October 16, 2014, among 818 adults ages 18 and older, who work full-time as an IT professional in a company and have at least a major influence in decision making for IT. In the U.S., 408 ITDMs were surveyed among companies with at least $200 million in revenue with 102 from the health care industries, 102 from financial industries, 102 from retail industries and 102 from other industries. Roughly 100 ITDMs were interviewed in the UK (103), Germany (102), Japan (102), and ASEAN (103) from companies that have at least $100 million in revenue. ASEAN countries were defined as Singapore, Malaysia, Indonesia, Thailand, and the Philippines. This online survey is not based on a probability sample and therefore no estimate of theoretical sampling error can be calculated. ABOUT VORMETRIC Vormetric (@Vormetric) is the industry leader in data security solutions that protect data-at-rest across physical, big data and cloud environments. Vormetric helps over 1500 customers, including 17 of the Fortune 30, to meet compliance requirements and protect what matters their sensitive data from both internal and external threats. The company s scalable Vormetric Data Security Platform protects any file, any database and any application s data anywhere it resides with a high performance, market-leading solution set. OUR SPONSORS 7

8 2015 VORMETRIC INSIDER THREAT REPORT GLOBAL EDITION EXECUTIVE PERSPECTIVE Vormetric.com/InsiderThreat/ Vormetric, Inc. All rights reserved. 8