New research shows organisations are failing to address the issue of insider threats during a time when the risk is at its greatest.

Negligent insiders are the root cause of 56% of incidents while credential thefts have almost doubled and are the costliest to remediate.

Almost half of organisations in the global survey say their visibility into user logs and user activity is limited, which creates ‘blind spots’ for potentially risky behaviour.

Organisations still operate with limited visibility of user activity associated with web applications, despite the risk of insider threats and credential theft.

The high profile cases of Edward Snowden and Chelsea Manning also provide an enduring yet often overlooked lesson about insider attacks.

Insider threats come from people inside an enterprise, whether they divulge proprietary information with nefarious intentions, or are just careless employees that unwittingly share sensitive data, writes Bitglass product marketing manager Juan Lugo.

Today, TechDay speaks to Bitglass senior director of marketing Jonathan Andresen, who discusses insider attacks and the best solutions and practices to employ to protect organisations and employees.

The solution will give customers a fuller picture of their environment, and will leverage automated incident response to obstruct insider threat before data loss occurs.

It comes as rapid migration to cloud and remote working and BYOD scenarios leave organisations increasingly vulnerable to insider attacks as a result of the upheaval caused by the COVID-19 pandemic.

The solution employs behavioural analytics algorithms to find malicious user activities and automates the review of privileged account activities. 

Proofpoint will hand over US$225 million as part of a new arrangement to acquire insider threat management platform ObserveIT.

While larger organisations and incidents hog the headlines, plenty of illicit activity is slipping under the radar – and staying there.

The financial services sector reported the second-highest number of data breaches in the 12-month period covered by the latest OIAC report.

While strengthening your organisation’s external defences with the latest tools and technologies makes sound sense, it’s only half a battle plan.

The biggest challenge for most external threat actors is gaining access to a target organisation, but insider threats already have this.

Insider threat is real, according to a new report that highlights employee behaviour around sharing corporate information.

Companies are too often hesitant to recognise, report or take action against employees who have become a threat to their organisation.

Cybersecurity professionals could be wasting as many as 10 hours per week on tasks because of software that isn’t fit for the purpose.

Korean insurance provider KB Life has taken on Darktrace machine learning technology to prevent cyber threats.

US insider threat and fraud detection vendor Securonix is eyeing up the Australian and NZ markets, as security breaches from within raise concerns.

While S&R professionals often think “outside-in” first when assessing threats, awareness of internal threats can also be a key requirement.

“The bottom line is, internally generated email, whether staying inside or going out, needs to be part of every organisation’s threat detection."