“2024 Insider Threat Report” reveals chief concerns and modern strategies to counter evolving internal security risks.

Around the globe, a majority of organizations admit they’re ill-prepared to handle the steady increase in insider threat activity, according to a new report by Cybersecurity Insiders and Securonix. The “2024 Insider Threat Report” reveals the concerns of nearly 500 global cybersecurity professionals about the nature of insider threat challenges. These include growing concerns over malicious insiders, shifts to hybrid work environments and the difficulties in detecting insider threats.

The report found that while 76% of organizations have detected increased insider threat activity over the past five years, less than 30% believe they are equipped with the right tools to handle them. Just as concerning is that only 21% of respondents said they had a fully implemented and operational insider threat program. This highlights the inability for most organizations to effectively identify and mitigate internal security risks.

“Insider threat management programs are most successful when they receive strong support from executive leadership. This level of leadership is essential for prioritizing resources and navigating the complex technical and privacy challenges across various regions,” said Findlay Whitelaw, Field CTO, of Securonix.

“Despite its importance, many cybersecurity professionals feel their organizations fall short in this area,” Whitelaw continued. “As insider attacks continue to rise, business leaders must empower their teams to develop a security-conscious culture that encourages employees to take a proactive stance against insider threats.”

Malicious Insiders Are A Growing Concern

Insider threats are more or as difficult to detect and prevent than external attacks, according to 90% of survey respondents. While negligent employees and unwitting accomplices to external threats are the greatest sources of insider risk, the research indicated a shift in the perception of insider threats over the last five years. The survey data showed that 74% of cybersecurity professionals are most concerned with malicious insiders within their organization in 2024, which is an increase of nearly 25% when compared to responses from 2019.

“Effectively detecting and defending against insider threats requires an understanding of the different types of insider threats: malicious, inadvertent, and negligent,” said Holger Schulze, CEO and Founder, Cybersecurity Insiders. “With that knowledge in hand, the report shows cybersecurity professionals can develop sophisticated insider threat programs that have a balance of understanding human behavior, comprehensive employee training, and proactive strategies that deploy the proper tools, including advanced behavior analytics.”

Additional key findings from the report include:

• Global cybersecurity professionals indicated the main drivers and enablers of insider attacks are insufficient employee training and awareness (37%), globalization and adoption of new technologies (34%), inadequate security measures (29%), complex IT environments (27%), and disgruntled insiders (25%).
• More than 75% of organizations report an increasing prevalence of ransomware and triple extortion techniques in their environments, highlighting a growing cybersecurity threat. Information disclosure (56%) and unauthorized data operations (48%) are also leading concerns, emphasizing the importance of data-centric security measures and robust identity and access management controls.
• The challenges of securing distributed, less controlled environments led to 70% of respondents expressing concern about insider risks in hybrid work environments.
• A majority of respondents (75%) are concerned about the impact of emerging technologies, such as AI, the Metaverse, and quantum computing, on insider threats, including their misuse and the potential to amplify threat capabilities.
• Companies are chiefly concerned with the loss of financial data (44%) and customer data (41%), pointing to concerns over direct monetization for threat actors and loss of personally identifiable information (PII), respectively.

The “2024 Insider Threat Report,” including a full analysis of the data from Cybersecurity Insiders and Securonix, is available here. 

Read more about cybersecurity and business continuity issues from Continuity Insights.