98% of Organizations Have Sensitive Data Publicly Exposed in Cloud Applications and Services, According to Dtex 2019 Insider Threat Intelligence Report
Report Includes Real World Example of How the Dtex User Behavior Intelligence Platform Detected a Chinese National Attempting to Steal Data from Major Financial Services Provider
SAN JOSE, Calif. — Feb 20, 2019, 7 AM PST — Dtex Systems, the leader in insider threat intelligence and detection, today announced availability of the Dtex 2019 Insider Threat Intelligence Report. Now in its third year, the report is regarded as the industry standard for the identification and mitigation of insider threat trends, patterns and behaviors. To identify top threats, our insider threat specialists used the Dtex Advanced User Behavior Intelligence Platform to collect and analyze information from work-issued endpoints across more than 300,000 user accounts. Proprietary, cloud and personal accounts such as email were included in the total. Assessed organizations spanned multiple industries across North America, Europe (EMEA) and the Asia Pacific Region (APAC). Among the top insider threat trends identified:
- 98% of assessments discovered sensitive and confidential information exposed and available online and in the cloud; found primarily in Dropbox, Google G Suite, and Microsoft Office 365. This was an increase of 20% over 2018.
- 100% of assessments detected sensitive and confidential data transfers taking place via unencrypted and encrypted USB drives, personal email accounts, and cloud applications. This was an increase of 10% over 2018, which looked at transfer via unencrypted USBs only
- 97% of assessments detected employees who were flight risks, a class of insider threat that often steals data and IP. This was an increase of 59% over 2018.
- 95% of assessments detected employees attempting to bypass or circumvent security controls via anonymous browsing, VPN and TOR usage. This was an increase of 35% over 2018.
- 76% of assessments detected employees engaged in high-risk internet surfing, including visiting pornography, questionable gaming and gambling sites. This was an increase of 9% over 2018.
“Many organizations don’t completely understand how the insider threat impacts their businesses. It’s not just created by malicious actors like Edward Snowden, who are few and far between. The insider threat stretches across all employees, contractors or other third parties that have been granted or surreptitiously gained access to networks and who have the potential to place data and systems at risk,” said Rajan Koo, Dtex VP of customer engineering and head of the insider threat analyst team. “Our annual insider threat intelligence report provides a valuable education on what the insider threat is, how it manifests, and how to detect it before it creates catastrophic circumstances.”
In addition to delivering deep insights into top insider threat trends, the report provides real-world case studies. These demonstrate how to detect and prevent cybercriminals from stealing information and trusted insiders from engaging in risky behaviors. Special focus is given to the recent case of Yi Zheng, a Chinese National who attempted to steal confidential customer information from Dtex customer AMP, a major financial services provider. Another case study shows readers how to stop users from turning off and bypassing security controls. Others demonstrate how to prevent people from executing malicious downloads and from engaging in high-risk web surfing activities. More provide guidance on how to better detect negligent behaviors and how to create “teachable moments” that can reduce risk among insiders who make mistakes or are unaware of secure practices.
Download the Dtex 2019 Insider Threat Intelligence Report (https://dtexsystems.com/2019-insider-threat-intelligence-report)
Dtex today also announced its newest product release: Dtex Systems Enhancements Increase Visibility Over System Administrator Activities and Behaviors (https://dtexsystems.com/press/dtex-systems-transforms-endpoint-user-behavioral-data-into-intelligence-that-detects-potential-insider-threat-risks-at-enterprise-scale)
Attend the 2019 Dtex Global Insider Threat Summit during RSA, featuring former NSA Director and Commander of US Cyber Command Admiral (Ret.) Mike Rogers: Register
Visit the new website: www.dtexsystems.com
Follow Dtex on Twitter: https://twitter.com/DtexSystems
Join Dtex on LinkedIn: https://www.linkedin.com/company/dtex-systems
Like Dtex on Facebook: https://www.facebook.com/Dtex-Systems-297181017056254
About Dtex Systems
Dtex turns employees, executives, contractors and partners into trusted insiders. The award-winning Dtex Advanced User Behavior Intelligence Platform reduces insider threat risk by providing intelligence about behaviors and activities across massive numbers of distributed users. Dtex combines the largest library of known malicious and negligent behaviors, machine learning and advanced analytics. This gives the platform the power to detect insider threats in near real time, reduce false positives, and free security and risk professionals from having to spend time analyzing overwhelming volumes of data and logs. Dtex is scalable and deploys quickly. It only collects light-weight data needed to identify risky behaviors, which never slows network, endpoint or user performance. Patented anonymization capabilities protect privacy and ensure compliance. Investors include Wing Venture Capital and Norwest Venture partners. Customers include the world’s leading banks, manufacturers, healthcare organizations, government agencies, and law firms. The Defense Information Systems Agency (DISA), Williams Formula 1 Racing, and Freshfields Bruckhaus Deringer are among customers using Dtex to reduce insider threat risk. https://www.dtexsystems.com/
News Media Contact