More than a third of IT professionals (35%) actually see themselves as the biggest internal security risk to networks within their organization.
According to research from Balabit, while HR and finance departments are the easiest target for social engineering, it is in fact IT staff who pose the biggest insider risk to networks, whether caused by accidental or intentional actions.
This is largely due to IT staff often possessing higher access rights than other users. This includes access to business-critical data through the IT systems they manage and control, making them a prime target for cyber-criminals.
In other words, IT professionals may understand what their most valuable assets are, but they are still struggling to safeguard them against the unpredictability of human behavior.
The global survey, undertaken in the UK, US, France and Eastern and Central Europe, also found that 47% of IT professionals considered the time and location of login the most important user data for spotting malicious activity. This was closely followed by private activities using corporate devices (41%) and biometrics identification characteristics, such as keystroke analytics (31%).
IT professionals also are recognizing the importance of capabilities which can detect the growing threat from insiders and compromised privileged accounts. When asked which security technology they would implement in the next year, regardless of budget, nearly one fifth of security professionals said they plan to use analytics to track privileged user behavior.
"As attacks become more sophisticated, targeted attacks and APTs more commonly involve privileged users inside organizations—often via hacks involving stolen credentials,” said Csaba Krasznay, security evangelist at Balabit. “Today, IT security professionals’ tough job has become even tougher. It is not enough to keep the bad guys out; security teams must continuously monitor what their own users are doing with their access rights.”
Within the privileged user network, IT professionals listed sysadmins as the biggest threat (42%) followed by C-level executives (16%). While these executives typically have limited IT skills, their credentials are worth more to hackers than any other group.
The research also highlighted the most valuable assets for hackers and found that, unsurprisingly, personal employee data is the most valuable data (56%), as this can be easily sold. However, this is closely followed by customer data (50%), and investor and financial information (46%).