Privileged users put sensitive data at risk


Individuals with access to privileged data such as healthcare records frequently put their organization's sensitive information at risk according to a new report issued by Raytheon Company.

Focusing on 'the human factor,' the survey report, titled "Privileged User Abuse and the Insider Threat", finds that many individuals with the highest levels of network access in organizations are often granted access to data and areas of the network not necessary for their roles and responsibilities.

The report reveals that 65 percent of survey respondents indicated that curiosity – not job necessity – drives these same individuals to access sensitive or confidential data.

"The results of this survey should serve as a wakeup call to every executive with responsibility for protecting company or customer sensitive data," said Jack Harrington, vice president of Cybersecurity and Special Missions, Raytheon Intelligence Information and Services. "While the problem is acutely understood, the solutions are not."

Conducted by information security industry leader Ponemon, the survey identified 693 respondents as ‘privileged users’, meaning they are network engineers, database administrators, information-security practitioners and cloud custodians.

It found that 88 percent recognize insider threats as a cause for alarm but have difficulty identifying specific threatening actions by insiders.
69 percent surveyed stated their security tools do not provide enough contextual information to determine intent behind reported incidents and 59 percent stated their tools yield too many false positives.

"Good people can make mistakes and put sensitive data at risk," Harrington continued. "Even a well-intentioned, seasoned, privileged user with wide access to a network poses great risks because they are high-value targets to corporate 'hacktivists' and persistent adversaries eager to penetrate a company's defenses."

However, he also emphasised that privileged users with malicious intent are a significant threat to an organization.

"The goal of this survey is to not only share current insider threat statistics but to educate organizations on their privileged users and the threats and attacks that can happen because of the access they own," said Harrington. "If a privileged user wants to do bad things, their elevated access to the company network makes it easier for them."

Raytheon Company, US, Jack Harrington