When it comes to keeping close watch on insider threats, organizations remain susceptible to risks associated with escalated privilege for employees who access their networks, even to the point of relaxing their security measures in place out of too much confidence in long-time employees.
That was what exactly happened to the National Security Agency, which was recently found spying on almost everyone on the Internet and in telecommunications lines, thanks to Edward Snowden. But whether we should thank Snowden for that or not is another story.
Raytheon has unveiled a recent report indicating that IT departments are not as stringent when giving access to users. In fact, employees have more privileges into corporate networks than what is sufficient for them to perform work, and there lies the flaw. As a result, this privilege user access tends to be abused to the extent that even the sensitive data that is completely not related to the required task is open for the viewing, even for the taking.
And we can hardly see strict policies in place to address this lax control.
According to Raytheon’s findings, 88 percent of respondent organizations are concerned over the risks of insider threats, meaning they acknowledge its ever growing presence but 69 percent lack the necessary tools to spot on them at once.
Moreover, 47 percent recognize the seriousness of threat from social engineering methods used by attackers, for instance, to steal administrative rights access from a legit user. That is especially alarming for the other 45 percent when such a victim holds deeper access to the company network, which would definitely lead to a damaging data theft.
But data theft does not find their limits within the victim organization itself, for the range of insider threat can also be extended into the personal information of customers. And while 8 out of 10 respondents consider security as their top concern, 6 out of 10 do not have the required financial resources to counter this threat.
Also, 50 percent of organizations that participated in Raytheon’s survey admitted they do not implement policies to control privileged access. As stated above, that is out of trust. And while organizations sometimes totally trust their personnel, they no longer monitor their activities.
Proper auditing is the key. There are varied driving factors for insiders to sniff on data that is not part of their jurisdiction, perhaps just to learn something more or to wreak havoc on an organization out of spite.