Internal Cyber-Threats Go Unaddressed

According to a recent survey by the Ponemon Institute, organizations lack understanding of the cyber risks associated with negligent or malicious employees. They are inadequately prepared to counter resident attackers and lack the ability to discover and remove internal threats. Less than half of respondents say their IT security team is doing a good job detecting whether a staffer is acting maliciously. Decision makers appear to be unaware that effective detection technologies are available in the marketplace, and lack understanding of the threat insiders pose generally. A survey report lists barriers that block effective detection of cyber attackers within the network. The biggest one is “compliance activity,” which, according to 60 percent of respondents “detracts attention from threat detection functions.” Other barriers include difficulty in distinguishing between false positives and real alerts, and lack of resources and technologies. A communication gap between IT chiefs and the rest of the C-suite is hampering the development of an effective cyber security strategy at many organizations.