Insiders are more responsible for data loss in businesses than outside attacks.
A survey of IT managers in Germany found that insiders were seen as the biggest danger when it came to data loss within corporate networks (54 per cent), while only 21 per cent blamed outsiders for data theft incidents.
Dietmar Kenzle, regional sales director for Germany, Austria, Switzerland and Eastern Europe at Imperva, said: “Employees within a company that have privileged rights are increasingly becoming the focus of IT security managers. The ability to directly access company databases is enough motivation to turn a regular employee into a potential criminal.
“The database server is the usual target for insider employees as it is a bastion that is easy to take and also highly rewarding. To prevent sensitive data from falling into the wrong hands, companies should be aware of possible scenarios and the methods of criminal insiders. Through the use of appropriate tools, for example, third party cloud providers, security compromises may be averted or at least mitigated.”
Talking to SC Magazine, Imperva CEO Shlomo Kramer said that one of the main problems is that the insider threat is getting more sophisticated and with the evolution of the industrialised hacking, is a huge movement in cyber crime.
Looking back at his last major interview with SC Magazine in May 2008, Kramer said data attacks from the outside were small scale and businesses could say ‘it is not going to happen to me as I am not a bank'.
“Today with automation and the large scale of these targeted attacks, we are seeing that everybody is a target. SQL attacks are done not by experts but by botnet attacks and the ability to take this to every e-commerce site, so insider is one and the other is industrialisation,” he said.
“At the high end you have the organised crime and the commoditised efforts come out of it and everyone can use it, but the spectrum moves up in its sophistication. So if you look at the traditional network security, anti-virus and firewall are not effective and not relevant to the traditional security to protect the web applications, the database, the file sharer logic and the data layers and there is a new layer that needs to be created.”
He went on to say that this is true today as the firewall is becoming more and more limited in its ability to address the new threat, and the new challenge is in the proliferation of the new tools and the ability of hackers to launch massive attacks on a large scale.