IT | Security

Survey Shows Lack of Planning for Insider Threats

By: Absolute Team | 12/30/2008

Last month we mentioned that Lanxoma was conducting a survey about insider threats and how companies are tackling that issue. The results of the survey came out, and were quite interesting!

The press release does not indicate how many people took the survey, so the results must be read with that in mind. Nonetheless, like many similar surveys, Lanxoma's survey revealed that 43% of respondents had experienced fraud, theft or losses that are a direct result of employees with access to sensitive information.

Given the economic situation, many companies involved in the survey have had to make layoffs, cut raises or defer promotions. 72% of the respondents feel this has increased their risk for insider attacks.

The survey also revealed that 28% of respondents believe that employees with a technical background are more likely to commit insider attacks. However, industry experts have shown that it is not technical know-how that increases risk of attack, but rather the dissatisfied employee who simply has access to information. Employees with existing access to sensitive information do not need to know much in order to take it.

Of those surveyed, only 20% of respondents say they have processes and security measures in place to combat insider threats. Most respondents believed they could do more. One area needing improvement would be in user privileges, which determines which type of user has access to what kind of data. This helps restrict sensitive information to only those employees that need it. Most companies interviewed had no such safeguards, nor were they consistently monitoring what data was accessed and by whom.