Cybersecurity practitioners are sounding the alarm bells. Amplified by the not-going-away-anytime-soon Great Resignation and the here-to-stay shift to hybrid-remote work models, Insider Risk sees exponential growth.
Exponential growth, lagging indicators, flattening the curve — the pandemic forced us all to get familiar with concepts like these. And these same ideas are extremely relevant to how we should all be thinking about Insider Risk right now. New findings from the Annual Data Exposure Report 2022, and it showed an alarming trend: Almost every company today is dealing with Insider Risk — 3 in 4 admit Insider Risk is a big problem. But awareness of the problem is a “lagging indicator” of what’s really going on inside most organizations.
The proliferation of cloud tech keeps accelerating Insider Risk — amplified by the not-going-away-anytime-soon Great Resignation and the here-to-stay shift to hybrid-remote work models. Cybersecurity practitioners are sounding the alarm bells on exponentially growing Insider Risk. Yet when it comes to Insider Risk mitigation, budgets aren’t shifting to compensate — and most companies haven’t prioritized improving their Insider Risk management capabilities. Awareness without action is leaving a huge gap: 71% of companies still don’t know what and how much sensitive data is moving outside corporate visibility — or walking out the door with departing employees.
Insider Risk by the Numbers
The Annual Data Exposure Report 2022 study surveyed 700 business leaders, security leaders and practitioners from companies in the U.S. Just as with past years’ surveys, the goal was to take the pulse of the cybersecurity world’s data protection challenges. Here are some of the highlights — or lowlights:
- 96% of companies experience challenges protecting corporate data from Insider Risks and 73% report Insider Risk is a big problem within their company.
- There is a one in three (37%) chance your company loses IP when an employee quits.
- 71% of respondents are concerned about their lack of visibility over what and how much sensitive data departing employees take to other companies.
- Only 21% of companies’ cybersecurity budgets have a dedicated component to mitigate Insider Risk — a slight increase from last year’s Annual Data Exposure Report.
But the numbers only tell part of the story here. Digging into the challenges the survey respondents reported, one of the most significant trends that is driving Insider Risk in almost every organization is the cloud technologies that drive the modern workforce.
The Kryptonite of Cloud Tools
The accelerating cloud shift got turbocharged by the pandemic. It’s now without question that cloud apps make it more seamless to connect from anywhere, easier to share and collaborate, and faster to get work done and move value to the market. It’s also clear that the hybrid-remote workforce is here to stay in most organizations. Companies are still figuring out what that balance looks like, but a recent PwC study found less than 1 in 4 workers are willing to return to “almost entirely in the office” work models. Wherever companies land on this, cloud apps are the engine that now powers the modern hybrid-remote workforce.
But these cloud super-tools have their own kryptonite: The same capabilities that empower employees to connect, create and collaborate faster and easier also make it faster and easier to exfiltrate data (intentionally or unintentionally). Recent data from Code42 demonstrates this. Removable media (thumb drives, etc.) is trending down as an exfiltration vector, while cloud exfiltration is skyrocketing — up 51% just since Q3 2021, leading to predictions that exfiltration via cloud services will become the exfiltration vector of choice in early 2022.
The problem here isn’t just that employees are exfiltrating files via cloud apps. It’s that cloud visibility is a huge blind spot for most security teams. This is especially true for files moved to an untrusted or unauthorized location (i.e., not within the corporate cloud environment) — or for companies using outdated data protection tools like DLP that can’t see cloud activity because they were built for an age before the cloud. The 2022 Data Exposure Report survey reflects these realities: 71% of cybersecurity professionals are concerned about sensitive data hosted outside of corporate storage where security teams lack visibility.
But it’s not all bad news. When companies clearly understand their biggest data risk, they are then empowered to take action. Once you understand the growing Insider Risk problem, you can address it. To throw in a little 2020 terminology: There’s still time to “flatten the curve” on Insider Risk. But companies need to get aligned on their Insider Risk priorities — sooner rather than later.
Source: Threat Post