- 1 May 2014 11:04
2014 Vormetric Insider Threat Report Shows Australian Organisations Facing Cyber Threat From Within
SYDNEY, Australia – May 1, 2014 – Vormetric, the leader in enterprise data security for physical, virtual and cloud environments, today announced the results from its first Australian Insider Threat Report.
Conducted in conjunction with Ovum, the report reveals 91 per cent of Australian organisations did not feel safe from insider threats, such as when employees or contractors use legitimate access credentials to exfiltrate data, and when these user accounts are compromised by advanced attacks.
The report, which surveyed 183 senior IT professionals and business managers, predominantly from mid- to large-enterprise organisations, also revealed:
- Almost half (48%) are planning to increase spending to offset insider threats, and the same percentage also found that insider threats are more difficult to detect than just two years ago
- Regulatory compliance is the key driver for organisations to spend more on insider threat protection (37%)
- Cloud computing concerns were high, and centred around lack of visibility into service provider security stances (68%) and the potential for third party access to data (64%)
- Concern about insider threats among Australian IT professionals is less than half their U.S. peers, but was equivalent to that of their European peers
Damian Harvey, Vormetric A/NZ country manager, said that while organisations are beginning to realise some of the most damaging breaches can originate from within the company full awareness of the severity and frequency of data theft is still in its infancy.
“This report clearly shows that awareness of data breaches is rising. However, we are not there yet. We are still seeing organisations spend millions on perimeter defences, while neglecting to lock up their data or appropriately control access,” Mr Harvey said. “If a disaffected employee decides to steal IP or customer data for their own gain, it can be almost impossible to find out until it’s too late without the proper security controls – Edward Snowden is living proof of this. When it comes to data security, understanding and controlling access is the best safeguard for sensitive data.”
Both Harvey and Andrew Kellett, Ovum’s research director, underscored that the insider threat wasn’t only about employees and contractors being perpetrators, since external actors could also steal access credentials and impersonate a legitimate employee to gain access to sensitive material through malware, advanced persistent threats and social engineering.
“Large-scale breaches, such as APTs, and Snowden-related discussions have dominated the news cycle. It is clear that insider threats are among the most prominent IT security issues facing organisations today. This is reflected in the findings of our report,” said Ovum research director Kevin Noonan. “From the data, it’s clear that organisations are also struggling with new technologies like cloud, mobile and big data as they seek to protect themselves from insider threats.”
This report was conducted by Ovum Research on behalf of Vormetric and with cooperation from Cloud Security Alliance (CSA), MongoDB, OASIS, Total Device, Secruity Innovation Network and Field Fisher Waterhouse. It is the third Insider Threat reports from Vormetric, with previous reports covering European Insider Threats for 2014, and a USA focused Insider Threat report in September of 2013.
For more information, please visit: http://enterprise-encryption.vormetric.com/2014-Insider-Threat-European-Edition-AU.html
For the infographic, please visit: http://www.vormetric.com/resources/infographics
About Vormetric Vormetric (@Vormetric) is the industry leader in data security solutions that span physical, virtual and cloud environments. Vormetric helps over 1300 customers, including 17 of the Fortune 25 and many of the world’s most security conscious government organizations, to meet compliance requirements and protect what matters —their sensitive data —from both internal and external threats. The company’s scalable solution protects any file, any database and any application — within enterprise data center, cloud, big data environments — with a high performance, market-leading Vormetric Data Security Platform that incorporates application transparent encryption, access controls and security intelligence. Vormetric – because data can’t defend itself.