The report says mostly the threat for these major enterprises are from the inside. Because Insider threats are caused by a wide range of offenders who either maliciously or accidentally do things that put an organization and its data at risk. The insider threats are more difficult to tackle for the companies and their IT professionals. The attacker can gain access to the company’s network by stealing valid user authorization like Business partners, suppliers or contractors and lastly third-party app providers who are provided with the access right.
Enterprises are investing million of dollars on their budget of IT and Network security. But still the most shocking thing from this report is this that even after spending all this money 40% organizations has faced the data breaches and failed a compliance audit in 2014.
On the other hand only a small number of 11% of the surveyed enterprises feels that after paying such big bucks to security firm they not vulnerable from the inside attacks.While the other 89% enterprises feels that they are still vulnerable and need to improve their network security to avoid further data breaches from an inside attack.
The numbers from this report are also shocking for everyone because all these major enterprises which are surveyed put aside a big budget for their IT and Security department. From those 89% enterprises who feels that they are vulnerable to an inside attack, while the 34% of those feels that their networks can be easily breached from an insider attack.
There are a big number of enterprises who had no idea where they should invest their security budget. That is one of the biggest reason behind those numbers. But still a staggering number of 92% of major enterprises from U.S , U.K , Germany, Japan, and other surveyed countries are planning to increase or maintain existing budget on their IT security and Data protection.
The report also reveled the top three volumes where data is at risk for these enterprises :
- Databases – 49%
- File Servers – 39%
- Cloud – 36%
The position is fairly consistent across most major geographies and mainstream verticals including financial services, healthcare, and the retail sector. Healthcare sector becomes another major sector for attackers to steal the personal information of people. Which will be used afterwords for their own interests.
In the light of this report by Vormetic data security we learned that the majority of enterprises are willing to increase their budget on the IT and Security this and coming years. While there are also some who are willing to invest the same as they did last year. Because these enterprises feels that they are vulnerable and can be easily breached.