Survey: Insider Threat Most Costly for Organizations

Image: Aloysius Patrimonio

A new cybersecurity survey found that cyber attacks perpetrated by so-called “insiders” — those with inside knowledge or authorized access — are viewed as the most costly and damaging to an organization.

The 2011 CyberSecurity Watch Survey conducted by CSO magazine and sponsored by Deloitte found that 33 percent viewed inside attacks as more costly, an increase of 8 percent over last year. The survey reports that while more attacks are caused by outsiders (58 percent), the insider threat is becoming increasingly sophisticated.

The use of rootkits and other hacker tools by insiders jumped from 9 percent last year to 22 percent this year.

Aside from the monetary losses, the insider threat could tar an organization’s reputation, disclose confidential or proprietary information or disrupt critical systems — all of which can be “difficult to quantify and recoup,” the survey finds.

And, even with insider threats likely only to grow, the public is often left in the dark. That’s because about 70 percent of insider attacks are handled by the organizations with no official legal action taken.

“Technical defenses against external attacks and leakage of well-formatted data like social security numbers and credit card numbers have become much more effective in recent years,” said Dawn Cappelli, technical manager of the Insider Threat Center at CERT, the federal agency tasked with monitoring cyber threats. “It is a much more challenging problem to defend against insiders stealing classified information or trade secrets to which they have authorized access or against technically sophisticated users who want to disrupt operations.”

The report also found that, overall, cyber attacks are on the rise. Twenty-eight percent of respondents said have seen an increase in the number of events, according to the study.

But, while attacks are increasing, they are not as financially damaging as in previous years, likely because of strategic and proactive steps that organizations are taking.

Share this story...Tweet about this on Twitter1Share on LinkedIn0Share on Facebook0Share on Google+0Email this to someone
Filed in: Industry News Tags: , , ,

You might like:

Deloitte’s Russ Rudish Proposes Cybersecurity Measures for Healthcare Industry Deloitte’s Russ Rudish Proposes Cybersecurity Measures for Healthcare Industry
Deloitte, Verizon to Integrate Cyber Offerings for Enterprise Clients; Mike Denning Comments Deloitte, Verizon to Integrate Cyber Offerings for Enterprise Clients; Mike Denning Comments
Janet Foutty, Deloitte Federal Head, on Digital Services Trends to Watch and STEM Workforce Construction Janet Foutty, Deloitte Federal Head, on Digital Services Trends to Watch and STEM Workforce Construction
Deloitte Unveils New Analytics Platform for Internal Auditors; Carey Oven Comments Deloitte Unveils New Analytics Platform for Internal Auditors; Carey Oven Comments
© 6652 ExecutiveBiz. All rights reserved.