Haystax survey indicates organizations ill-equipped to handle insider threats
MCLEAN, VA March 29, 2017 Haystax Technology, a leading security analytics platform provider, today released an industry survey titled "Insider Attacks" that provides new data and insights into the current state of the insider threat problem and how organizations are dealing with it.
According to the study, despite an increase in spending and investment in deterrence tactics and detection tools, insider threats continue to cause harm to all types of organizations. The report suggests that, although funding is increasing, inadequate resources are being allotted to predictive risk analytics — a critical component of mitigating insider threats. This lack of analytics investment comes at a price, as insider attacks continue to be costly.
"Ask any cybersecurity specialist to name the biggest security threat to an organization and they'll tell you it's people," said Haystax CEO Bryan Ware. Yet despite increased funding on insider threat programs, he added, the problem shows no signs of abating. "Training programs and network controls are important, but without analytics that produce actionable intelligence, organizations are often left in the dark until after a malicious insider does damage."
Using crowd-based research in partnership with the 300,000-plus members of the Information Security Community on LinkedIn and Crowd Research Partners, Haystax's report found nearly three-quarters (74 percent) of organizations feel vulnerable to insider threats, a significant seven-percent increase over last year. Of the organizations that are investing in insider threat mitigation, 61 percent are focusing mostly on deterrence (e.g., access controls, encryption, policies, etc.) and 49 percent on detection (e.g., monitoring, intrusion detection systems, etc.) — while 35 percent employ forensics and analysis systems like security information and event management (SIEM) tools.
Most survey respondents (67 percent) indicate that because insiders already have credentialed access to their networks and services, they are much more difficult to detect and deter than external threats. But only 42 percent of organizations say they are regularly monitoring user behavior while 21 percent do none at all.
Insider threat detection has improved, with 46 percent of respondents believing they could detect an attack within a day at most. What's more, 68 percent are confident in their ability to recover from an attack in a week or less, up 20 percent over last year's survey. However, three-fourths estimate remediation costs could be up to $500,000, with the other 25 percent believing costs could exceed that amount — and perhaps reach into the millions of dollars.
The Haystax Constellation Analytics Platform™ delivers advanced security analytics and risk-management solutions that enable rapid understanding and response to virtually any type of cyber or physical threat. Following an investment last year from Fishtech, Haystax Technology anticipates accelerated growth in 2017 as the leading platform provider in security analytics and insider threat.
For more information about the findings from the Haystax Insider Attacks Industry Survey, view the full report.
About Haystax Technology
Haystax Technology is a leading security analytics solution provider. Its Constellation Analytics Platform™ delivers advanced security analytics and risk-management solutions that enable rapid understanding and response to virtually any type of cyber or physical threat. Based on a patented model-driven approach that applies multiple artificial intelligence techniques, it reasons like a team of expert analysts to detect complex threats and prioritize risks in real time at scale. Top federal government agencies and large commercial enterprises, as well as state and local public-safety organizations, rely on Haystax for more effective protection of their critical systems, facilities and people. For more information about Haystax Technology, visit www.haystax.com.