Insider threats are getting more dangerous
One of the most difficult types of attacks to detect are those performed by insiders. An “insider” would be anyone that has legitimate access to your company network and data. This would be via a login or other authorized connection.
Because insiders have authorized system access, they bypass certain security defenses. Such as those designed to keep intruders out. Since a logged-in user isn’t seen as an intruder, those security protections aren’t triggered.
There are three troubling statistics from a recent report by Ponemon Institute They illustrate the importance of addressing this threat. Insider attacks are getting worse, taking longer to detect and becoming more extensive.
The report found that over the last two years:
Insider attacks have increased by 44%.
It takes organizations 85 days to contain an insider threat, compared to 77 days in 2020.
The average cost of addressing insider threats has risen by 34%.
It’s important for companies to understand what makes up an insider threat. That’s the first step towards mitigation.