Hackers are mainly targeting securing access to sensitive information from traditional insiders, privileged users and outside-in attacks.
Organisations in both the US and Europe are facing difficulties in detecting insider threats, with the moves towards cloud computing and big data only adding to the worries associated with insider security, a new report revealed.
Vormetric’s latest Insider Threat Report, developed in collaboration with Ovum, noted that nearly half of organisations considered lack of visibility into infrastructure as the major concern for cloud systems, followed by the potential for illegal access to data (46%) and lack of control over where the information is captured (44%).
The report also confirms that both US and European organisations are finding detection of insider threats more difficult than previous years (at a rate of 47 percent for the US, 54 percent internationally).
According to Vormetric’s findings, the security of big data reports was seen as a major concern for big data (54%), followed by opportunity of privacy breaches (49%), while 46% of them believed lack of security and compliance controls was their major concern.
Vormetric CEO Alan Kessler said that securing access to sensitive data, from traditional insiders, privileged users and outside-in attacks like Advanced Persistent Threats (APT), is a clear concern to the future of organisations.
"The report clearly shows growing awareness of insider threats, but it also outlines that organisations have not yet adjusted their security posture to offset them," he said.
"Rapid growth in the volume of sensitive information, combined with new technologies such as Cloud and Big Data enhance the difficulty and make traditional end point protections and network perimeter security less relevant every day.
"To defend themselves, organisations must take a data centric approach, implementing encryption and access controls to limit exposure, and monitoring data access to identify inappropriate user activity."
Overall, only 3% of US organisations said that they felt safe, compared to 9% in businesses in Europe, with 47% of US businesses saying they felt vulnerable, signficiantly higher than in Europe, where only 25% of organisations felt the same.
The report added that US organisations were less willing to pay more to deal with such issues, as 66% of EU organisations said they were considering boosting budgets to protect themselves, compared to 54% in the US.
Around 50% of EU firms said they kept a regular eye on access to sensitive information, versus only 29% of US enterprises, whilst 39% of European businesses said they were worried about exploitation of access rights to their information, compared to 63% of US respondents six months ago.