Malicious insiders still a key threat to business security
A new ransomware survey from Gigamon has revealed that one in three organisations see malicious insiders as a route for ransomware attacks.
The Gigamon State of Ransomware 2022 and Beyond report found that 59% of organisations believe ransomware has worsened in the last three months, with phishing (58%), malware/computer viruses (56%) and cloud applications (42%) cited as other common threat vectors.
As new ransomware threats continue to evolve and work culture changes, the risks are becoming more prevalent for these kinds of attacks, and 95% of respondents (and 99% of CISOs/CIOs) viewed the malicious insider as a significant risk to a business.
While there is a significant increase in attacks, 66% of respondents said that they now have a strategy for addressing both types of insider threats. Gigamon says it’s clear, however, that many organisations still lack the visibility required to distinguish which type of insider threat is endangering their business, making it significantly harder to mitigate risk.
Gigamon field CTO (global) and director of the security architecture team Ian Farquhar says organisations need to be aware and prepared for the future in order to prevent further damage. He says it takes a whole company approach and recognition of deep observability, which is harnessing actionable network-level intelligence to amplify the power of metric, event, log and trace-based monitoring tools.
“Deep observability is acknowledged by security teams around the world as crucial to a successful ‘defence in depth’ posture,” he says.
“This holistic visibility is essential to support infosecurity professionals as they battle a number of challenges, including cloud misconfigurations and the rise in malicious insider threats, as well as a culture of finger pointing and blame when things go wrong.”
The survey also revealed that 88% of global respondents believed that there is a ‘blame culture’ in the cybersecurity industry, with 37% in Singapore saying individual blame when breaches occur is seen as a ‘heavily prevalent’ occurrence.
To overcome this issue, 42% of organisations reported to call for more transparency, as well as industry-wide initiatives (29%) and the need to provide CIOs/CISOs with ‘deep observability’ (22%).
It was revealed that awareness of Zero Trust’s complexities has grown, meaning many enterprises now lack confidence in its implementation. 44% of EMEA now believe that Zero Trust requires too much oversight and resources, and this figure is up 21% from the Zero Trust 2020 Gigamon report.
On the other hand, deep observability was found to be recognised as crucial to cybersecurity, not only for ransomware protection but even more so for protecting hybrid and multi-cloud infrastructures and ensuring safe cloud migration.