What are the growing security threats that organizations should be most concerned about? You get half a point if you said ransomware, but only because that’s flooded news coverage lately and is something that all organizations need to get a better handle on.
But the answer, according to Bomgar’s recently released 2017 Secure Access Threat Report, is insider and third-party threats:
Despite rising awareness of the threats posed by users with privileged access permissions, most organizations still allow a myriad of internal and external parties to access their most valuable systems and data. Many are placing trust in both employees and third parties without a proven means of managing, controlling, and monitoring the access that these individuals, teams and organizations have to critical systems and networks.
The report sees insider threats and third-party threats to be separate and distinct problems. In the case of third-party threats, the study found the number of vendors accessing a company’s network has doubled in just one year to 181 per week on average, and that two in three companies have experienced a data breach because of unsecured vendor access. No wonder more cybercriminals are seeing third parties as an entry way into a company’s network.
Insiders provide a different type of challenge because they have to have some network access in order to perform their job duties, but it’s their behaviors that have security personnel concerned. As Matt Dircks, Bomgar CEO, said in a formal statement:
It only takes one employee to leave an organization vulnerable. With the continuation of high-profile data breaches, many of which were caused by compromised privileged access and credentials, it’s crucial that organizations control, manage, and monitor privileged access to their networks to mitigate that risk. The findings of this report tell us that many companies can’t adequately manage the risk related to privileged access. Insider breaches, whether malicious or unintentional, have the potential to go undetected for weeks, months, or even years – causing devastating damage to a company.
A survey conducted by MeriTalk also looked at the security risks caused by insiders, only in this survey, the focus is on insiders and the cloud. Cloud applications are making it more difficult to identify threats, in part, according to Rob Potter, vice president of public sector at Symantec, due to dissolving boundaries that make the threat landscape more complex.
It’s easy to get caught up with all of the other types of threats out there – and those shouldn’t be ignored – but cybersecurity has to start at home, and that begins with better monitoring of the folks who have direct access to your network and data.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba