Insider Threats From Third-Party & Employee Access Grow

Financial services also reveals the most concern of any sector about insider threats.

Internal security threats are a top concern.

Less than a third of IT security pros feel confident about identifying insider threats, with third-party and employee access their biggest concerns, according to a report from Atlanta-based identity/access management firm Bomgar.

In its “2018 Privileged Access Threat Report,” Bomgar also revealed that less than 35% of security and IT professionals feel very confident they have the ability to identify threats from employees with privileged access, and that 75% have seen the number of vendors with access to their networks increase in the last year, but 33% believe they spend too little time monitoring third-party vendor access.

The global survey explored the visibility, control, and management that IT organizations in the U.S. and Europe have over employees, contractors, and third-party vendors with privileged access to their IT networks. According to the report, 50% of organizations have suffered a serious data breach or expect to do so in the next six months due to third-party and insider threats.

The report found the most trusting sector is financial services, where 46% of organizations said they completely trust insiders and 41% completely trust third-party vendors. These results are higher than in any other sector even though financial services organizations are most likely to have experienced an insider or third-party breach in the last year. Financial services also revealed the most concern of any sector about insider threats moving forward. Firms are either very or fairly concerned about insider credentials used for malicious purposes, whether intentionally (68%) or through phishing (67%).

Matt Dircks, Bomgar CEO, said, “IT administrators and third-party vendors need privileged access to be able to do their jobs effectively, but the number of privileged users is growing exponentially, and access to systems and data is often being granted in an uncontrolled way. In the face of growing threats together with the introduction of the EU GDPR, there has never been a greater need to implement organization-wide strategies and solutions to manage and control privileged access.”

Some two-thirds of organizations claimed that they could have experienced a breach due to third-party access in the last 12 months, and 62% due to insider credentials.

A large part of the risk sits with the organizations themselves, as the report found that 73% rely on third-party vendors too heavily, and 72% have cultures too trusting of partners.

The report also found that problematic employee behavior continues to be a challenge for most organizations.

Among the problems cited: writing down passwords, for 65% of organizations (55% in 2017); and colleagues telling each other passwords, for 54% of organizations in 2018 (46% in 2017). This, the report revealed, indicates that poor password hygiene continues to be a growing issue, or it may be that organizations are more aware of these behaviors due to an increased focus on data protection and privacy.

The report showed some organizations are managing these risks with a privileged identity and access management solution. From the research, these same organizations experienced less severe security breaches and have better visibility and control than those who use manual solutions or no solution at all. Forty-four percent of organizations using PAM experienced a serious breach or expect to in the next six months, compared to 69% of those without privileged user control.

The report suggested that as the vendor ecosystem grows and employees gain more trust, organizations need to accept that a way to mitigate risks is by managing privileged accounts through technology and automated processes that not only save time, but also provide visibility across the network. Dircks added, “By implementing cybersecurity policies and solutions that also speed business performance, versus putting roadblocks in users’ way, organizations can begin to seriously tackle the privileged access problem.”

More than 1,000 key decision makers with visibility over the processes associated with enabling internal users and external parties to connect to their systems completed the survey in February 2018. Those surveyed, across the United Kingdom, the United States, Germany and France, were all IT professionals across operations, IT support/helpdesk, IT security, compliance and risk or network/general IT roles from a range of industries, including manufacturing, finance, professional services, retail, healthcare, telecoms and the public sector.