Many organizations today are leveraging the Zero Trust security framework, but they forget that no-matter how much identity becomes the perimeter, people still need access to data to be able to do their jobs. Too often organizations ignore the value the of data that employees can access and the corresponding Insider Risk that access presents to the organization. Additionally, the COVID-19 pandemic magnified organizations’ Insider Risk as employees now access data via unmanaged networks and devices, often from their homes. Failing to recognize the larger business-continuity impacts that Insider Risk poses when valuable data is compromised leaves organizations vulnerable and exposed.
When we commissioned Forrester Consulting to conduct research on behalf of Code42 earlier this year, a key focus area for us was to understand how security practitioners are starting to think beyond the pandemic. For security, this essentially translates to “what does our strategy look like in a completely remote or hybrid work environment.” It is an understatement to say that security risks have changed drastically because of the pandemic. As I dug into the data more, it became clear that there has been a seismic shift. As an insightful DC villain once said, “There’s no going back. You’ve changed things forever!”
While I think the research validated some of my assumptions, it had its share of surprises too! Here are my top takeaways from our research based on how companies are currently treating Insider Risk Management (IRM) and how strategies are adapting for the future.
1. 74% of security decision makers are more concerned about Insider Risk than before the pandemic
No surprises on this one. Given the reality that workforces are remote, VPN tends to be an avoided 3-letter word, we have our own devices, and can essentially work any time we want we’re basically living the perfect recipe for increased Insider Risk. Thankfully, the top priority of 82% of security professionals is to better protect sensitive company and customer data. To tackle this, organizations are finding new approaches to protecting data, including protecting against internal breaches. Enter IRM!
2. Zero Trust is driving the shift to Insider Risk Management, proactively!
The key word here is proactively. Insider Risk strategies are often a knee jerk reaction to a breach that has already occurred. A proactive and holistic approach to the problem has been overdue given the alarming increases we see in insider threat year over year. The adoption of Zero Trust, along with an increasingly remote workforce, insider threat incidents, and expanded use of third-party vendors, have pushed decision-makers to focus more heavily on IRM as the risks posed by insiders manifest in new ways through (and soon beyond) the pandemic.
3. Data Leaks continue to happen because DLP strategies don’t work!
You’ve heard this from us before, but it’s worth reiterating. Many organizations continue to rely on legacy strategies and solutions to tackle this problem. 66% of respondents admit that they experience data leaks due to insiders at least monthly. On top of that, nearly three-quarters (71%) agree that the traditional approach to data leak prevention isn’t working, furthering the shift to a more holistic approach.
While technology is a big part of solving the Insider Risk problem, we cannot overlook the human side. Security awareness (as I noted in my previous blog: 10 Takeaways from Gartner 2020 Market Guide for Insider Risk Management Solutions) is emerging as a key investment area to mitigating Insider Risk. By turning our employees (the insiders) into security advocates, we empower them to become extensions of our security strategies. Rather than hindering, successful security programs embrace employees as security advocates to support safe data handling and computing use.