dcsimg
 
 
 
 
 

IT Decision Makers' Biggest Fear: Privileged Users

 
 
By Gina Roos  |  Posted 2015-03-05
 
 
 
 
 
 
 
 
 
  • 1 of
  • Previous
    1 - High Vulnerability
    Next

    High Vulnerability

    97% of U.S. financial services respondents reported they were somewhat or more vulnerable to insider threats, compared with 93% of U.S. retail respondents. However, 51% of U.S. retail organizations identified themselves as very or extremely vulnerable.
  • Previous
    2 - Data Breaches
    Next

    Data Breaches

    41% of U.S. financial services respondents have experienced a data breach or failed a compliance audit in the last 12 months, compared with 48% of U.S. retail respondents.
  • Previous
    3 - Biggest Threats
    Next

    Biggest Threats

    63% of U.S. financial services respondents cited "privileged users" as the most dangerous insider threat, followed by partners with internal access (43%) and contractors/service providers (40%). Similarly, 59% of U.S. retail respondents cite privileged users as the biggest threat, followed by partners with internal access (51%) and contractors/service providers (45%).
  • Previous
    4 - Data Protection
    Next

    Data Protection

    27% of U.S. financial service respondents are protecting data because of a past data breach, compared with 20% of U.S. retail respondents.
  • Previous
    5 - Misplaced Top Concern
    Next

    Misplaced Top Concern

    U.S. financial service respondents are most concerned about data on mobile devices (47%), databases (42%) and cloud (42%). However, the greatest volumes of data-at-risk are in databases (49%), on file servers (39%) or in cloud environments (36%).
  • Previous
    6 - Biggest Concerns for Retailers
    Next

    Biggest Concerns for Retailers

    U.S. retail respondents report that cloud (51%), big data (37%) and databases (37%) are at the greatest risk for data loss. The greatest volumes of sensitive data are in the cloud (49%), databases (42%) and big data (34%).
  • Previous
    7 - Problem Solving
    Next

    Problem Solving

    U.S. financial services and U.S. retailer respondents rate analysis and correlation tools (75%, 78%), data-at-rest defenses (82%, 84%), data-in-motion defenses (84%, 81%), endpoint and mobile defenses (76%, 78%), and network defenses (81%, 87%), respectively, as very or extremely effective as a defense.
  • Previous
    8 - Making Investments in Data Protection
    Next

    Making Investments in Data Protection

    U.S. financial services and U.S. retailer respondents also plan to increase spending for analysis and correlation tools (47%, 56%), data-at-rest defenses (41%, 56%), data-in-motion defenses (49%, 56%), endpoint and mobile defenses (56%, 55%), and network defenses (62%, 54%), respectively.
  • Previous
    9 - Spending Priorities for Financial Services
    Next

    Spending Priorities for Financial Services

    57% of U.S. financial service respondents cited preventing a data breach incident as their top spending priority, followed by protection of finances and other assets (43%), and fulfilling compliance requirements and passing audits (39%).
  • Previous
    10 - Spending Priorities for Retailers
    Next

    Spending Priorities for Retailers

    63% of U.S. retail respondents cited preventing a data breach incident, followed by protection of critical IP (37%), and protection of finance and other assets (36%). Interestingly, 77% of retail organizations rated compliance requirements as "very" or "extremely" effective at offsetting insider threats, but did not rank meeting compliance requirements as a top spending priority.
 

As the IT industry continues to face growing security issues, amid announcements of security breaches at major retailers and banks in the past year, virtually all IT decision makers at financial services and retail organizations believe their organizations are vulnerable to insider threats, according to an online survey conducted by Harris Poll for Vormetric's 2015 Insider Threat Report. The study, based on a poll of 408 U.S. IT decision makers primarily at retail and financial companies, found that the biggest threats come from a variety of insider channels, including privileged users and the supply chain, such as contractors and service providers. In addition, disruptive technologies, such as the cloud and big data, are creating new risks to organizations with additional administrative roles. These findings show that organizations need to develop and prioritize their IT security strategies to protect their data and reduce their vulnerabilities. They also should make encryption with access controls the default, monitor and analyze data-access patterns, and replace point solutions with data security platforms, according to the report. Here are key takeaways from the report.