Inside the 2017 Threat Monitoring, Detection, and Response Report

Share and earn Cybytes
Facebook Twitter LinkedIn Email

The Crowd Research Partners 2017 Threat Monitoring Report was recently released and it is no surprise the majority of organizations think insider attacks have generally become more frequent over the last 12 months. What is a surprise is that only 30% of organizations feel moderately to extremely confident about their insider threat security posture. Granted it is challenging enough trying to keep the bad guy’s out, but protecting your organization from external threats AND from both malicious and accidental insiders is an important balancing act organizations have to consider. It is time we look at the data and figure out what we can do to deal with the insider threat epidemic.


The report mentions that 64% of organizations are most concerned about an inadvertent data breach or compromise, 60% are concerned with the malicious insider data breach, 60% are concerned with a compromised data, and 57% are concerned with the negligent data breach. The report outlines the four categories of insider threat as the: Accidental insider, Malicious insider, Compromised insider, and the Negligent insider.

Within these categories of insiders, 50% of organizations report feeling most vulnerable to standard business users, 47% say Privileged IT users, and 47% say it is 3rd parties. This aligns with the concern of the accidental and malicious insider survey results. Organizations seem to have a clear understanding of where the problem lies, but what are they doing about it?


Mitigating insider threats is challenging because people are difficult to predict. On top of that, insiders are already at the end of the traditional cyber-attack kill chain, so traditional security procedures and tools won’t apply.

The stats verify that just how hard it is to detect insider threats.


Training takes the number one spot. In these sessions, it may feel like you are putting your people to sleep or it might be going in one ear and out the other, but training your people on proper cyber security hygiene is critically important. Finding creative ways to make the training stick will go a long way.

In the number two spot, we see user activity and behavior monitoring. Having visibility is crucial because you can’t address what you can’t see. These solutions can often be a quick way to understand and investigate what areas need to be addressed.

Implementing a formal information security governance program grabs the third spot. Establishing and maintaining a framework that provides assurance that information security strategies are aligned with and support the business is more important than every shiny tool in your security stack. A number of other technologies are mentioned as tools to combat insider threat. When selecting one of these methods you must ensure that the solution provides the ability to detect incidents, provide insight, and empower your people to respond quickly.


The fact is, the majority of organizations have already or will face an insider threat related incident in 2017. Organizations have to equip themselves with a proper plan to respond quickly, but according to the report, the recovery speed seems to be taking longer than expected.

Insider threats are on the rise because employees are being given access to more data and systems, have increasing freedom to work in mobile workspaces, and companies are constantly seeking how they can leverage third parties.

The key takeaway is now is the time implement an insider threat program, train your users and empower security teams with the tools they need to detect and respond to incidents quickly.


See the full report here.

To learn more about how ObserveIT can help you identify and eliminate insider threats, visit

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About ObserveIT
ObserveIT is a user monitoring and investigation solution that identifies and eliminates insider threats. It continuously monitors user behavior and alerts IT and Security teams about activities that put their organizations at risk. ObserveIT provides comprehensive visibility into what all users are doing, while meeting compliance standards and reducing investigation time from days or hours to minutes.
Promoted Content
[report] 2018 Cost of Insider Threats: Global Organizations
According to The Ponemon Institute’s report, “2018 Cost of Insider Threats: Global Organizations,” the average cost of an insider threat annually is $8.76 million. It’s critical for organizations to understand the main causes of insider threats, because detecting insiders in a timely manner could save millions of dollars. Depending on the industry and size of company, the cost of an insider threat varies dramatically. Check out the full report to see The Ponemon Institute’s findings, and understand how to detect and prevent insider threats in the future.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?