Traditional technologies designed to prevent insider threats — mainly the loss or theft of sensitive data — largely fell short during the COVID-19 pandemic, as more than 75% of companies suffered a breach despite using tools to prevent data loss, according to a report from the Ponemon Institute, on behalf of Code42. This compares with 69% a year ago.
About 58% of organizations continue to use traditional data loss prevention (DLP) solutions to mitigate insider risk even though the switch to a hybrid remote work environment broke down existing security perimeters at companies. The shift rendered DLP and cloud access security broker (CASB) solutions unable to get a clear view into employee activity.
The report shows that almost 60% of corporate data security leaders expect insider risk to surge this year, saying their employees are more likely to leak information today than before the COVID-19 pandemic, the report showed.
Not only are workers taking sensitive information outside of corporate firewalls, but employee turnover has become more frequent. Workers are also blurring the lines between work and personal life in their use of devices and emails at a time when corporate policy rules have failed to evolve with the current work environment.
The report is the second part of a two-part study which showed companies were unprepared to protect sensitive data in the COVID-19 era. Ponemon surveyed 623 IT security leaders and 586 business decision makers in the U.S. Part one of the report, released in December, showed corporate employees were 85% more likely to leak sensitive data compared to before the pandemic.
"The average tenure of employees today is about three years or less," Mark Wojtasiak, vice president, portfolio marketing, research & strategy Code42 said via email. "Combined with the incredible digital transformation that has happened in the last year, employees have motive and means to take data maliciously or put it at risk unintentionally through the normal course of their work."
Another problem uncovered by the report was more than half of security professionals said they got either daily or weekly complaints that IT was mistakenly blocking workers from legitimate file activity by employees.
The report showed 63% of workers using unauthorized apps daily or weekly to share files with colleagues.
Companies need to figure out a way to keep corporate security from getting in the way of employee productivity, according to Joseph Blankenship, vice president, research director at Forrester. Not only are there employee privacy concerns, but also concerns about corporate overreach.
Zero Trust Network Access solutions are one way of monitoring security in a remote environment using cloud-based security controls, he said.
"Another way they are doing this is monitoring activity on the endpoint itself as opposed to relying solely on behavioral analytics in the network that look[s] for abnormal behavior," said Blankenship via email. "With everyone working from home during the pandemic, many of the behavioral models used by user behavior analytics became unreliable as everyone appeared to behave abnormally."