The threat from withinPrivileged access users in the enterprise
Total incidentsof insider misusein 2013.2
of organizations fail to block PAU access to sensitive data.5
73%
71%21% 28%
2%Local areanetwork
Physicalaccess
Remoteaccess
Other
Access points for insider misuse9
348 billion a year in corporate lossescan be directly tied to privileged user fraud.4
of which were dueto privilege misuse.3
Say Edward Snowden has eithercaused significant or some increase in the organization’s level of concernabout insider threats.8
88 %
#1problem deliveringand enforcing PAcontrols is ability to keep up with accesschange requests.7
Who is the privilegeduser?
Sources: 1 Privileged User Abuse & The Insider Threat, Ponemon Institute, June 2014 2 Verizon data breach investigation report 20143 Verizon data breach investigation report 20144 ACFE Report to the Nations on Occupational Fraud & Abuse, Association of Certified
Fraud Exam¬iners Inc., 2012 5 Vormetric 2013 Insider Threat Report
DatabaseAdmin
SystemsAdmin
NetworkEngineer
IT SecurityPractitioner
IT AuditPractitioner
Data CenterManager
ApplicationDeveloper
6 Privileged User Abuse & The Insider Threat, Ponemon Institute, June 2014 7 Privileged User Abuse & The Insider Threat, Ponemon Institute, June 20148 Privileged User Abuse & The Insider Threat, Ponemon Institute, June 2014 9Verizon data breach investigation report 201410 Common Sense Guide to Mitigating Insider Threats, 4th Edition, CERT
88%
11,698
of companies donot have policies for assigningprivileged useraccess rights.6
49%
In more than 70% of IP thefts, insiders stole the information within 30 daysof announcing their resignation.10
I QUit!70%
Top Related