3 in 4 APAC firms have no strategy vs insider threats


The majority (58%) of incidents that negatively impacted sensitive data in the last 12 months were caused by insider threats, and yet more than half (59%) of Asia Pacific organisations do not prioritise insider threats the way they prioritise external threats, according to new research commissioned by Imperva and conducted by Forrester.

“This approach is at odds with today’s threat landscape where the risk of malicious insiders has never been higher,” said George Lee, Imperva’s VP for Asia Pacific and Japan.

“The rapid shift to remote working means many employees are now outside the typical security controls that organisations employ, making it harder to detect and prevent insider threats,” said Lee. “Further, ‘The Great Resignation’ is creating an environment where there is a higher risk of employees stealing data.”

He said this data could be stolen intentionally by people looking to help themselves in future employment, or it could be taken inadvertently when an employee leaves the organisation.

Forrester conducted an online survey in September 2021 with 464 Security/IT professionals with responsibility for managing/responding to insider threats at organisations in Asia Pacific; Europe, Middle East, Africa and Latin America; and North America. Participating APAC countries were Japan, India, Australia and New Zealand.

The majority of APAC respondents blame lack of budget (41%) and internal expertise (38%), but other problems abound. 

A third (33%) of firms do not perceive insiders as a substantial threat, and 24% say their organisational indifference to insider threats is due to internal blockers such as a lack of executive sponsorship. 

The study found that three-quarters (74%) of APAC organisations do not have an insider risk management strategy or policy, and 70% do not have a dedicated insider threat team.

The findings show that organisations are woefully underestimating the seriousness of insider threats. APAC firms are prioritising external threats over insider threats, despite the fact that insider events occur more often, said Lee.

The main strategies currently being used by APAC organisations to protect against insider threats and unauthorised usage of credentials are encryption (54%) and periodical manual monitoring/auditing of employee activity (44%). 

Despite these efforts, breaches and other data security incidents are still occurring and more than half (55%) of respondents said that end users have devised ways to circumvent their data protection policies.

Imperva recommends that organisations looking to better protect against insider threats take the following steps:

  • Gain stakeholder buy-in to invest in an insider risk program. 
  • Follow Zero Trust principles to address insider risk. 
  • Build a dedicated function to address insider risk. 
  • Create processes for your insider risk program and follow them. 
  • Implement a comprehensive data security strategy.