Join our panel during Black Hat 2024 – Blurred Lines: Investigating the Convergence of Internal and External Threats



A Human-centric Approach to Operational Awareness and Risk Management.

Insider Risk Insights - DTEX Blog
  • Home
  • Press
  • 100 Percent of Organizations have Active Insider Threats, Dtex Systems’ Research Sh

100 Percent of Organizations have Active Insider Threats, Dtex Systems’ Research Sh

Failure to eliminate insider threat blind spot leads to rising sensitive data exposure rates on the public web, email and phone revenge attack, more visits to high-risk websites, and leaves trusted employees vulnerable to attacks

SAN JOSE, California – May 15, 2018 – Dtex Systems, a leader in user behavior intelligence and insider threat detection, today announced availability of its 2018 Insider Threat Intelligence Report. Findings are based on threat assessments from global organizations in public and private sector industries.

Dtex found active insider threats in all assessed organizations. This is clear proof that no businesses have been able to eliminate the insider threat blind spot. Failure to gain visibility is allowing malicious and negligent employees to engage in undetected high-risk activities on every endpoint, on and off the network. Malicious employees are users that intentionally harm their organizations through theft, sabotage, and blatant disregard for security policies and controls. Negligent employees are often times trusted users that hurt their organizations due to a lack of awareness, error, or because they are not defended against attacks.

Key findings include:

78 percent of assessments found instances of company data that was accessible via the public web, which was caused by negligent employees’ improper use of Google Drive, Dropbox, Box and other cloud apps; up 14 percent over last year60 percent of assessments identified instances of malicious employees using private, anonymous or VPN browsing to bypass security controls or to research how to bypass controls.90 percent of assessments discovered that negligent employees were transferring company data to unencrypted and unauthorized USB devices.91 percent of assessments recognized that negligent employees were expanding the phishing attack surface by accessing personal web mail accounts on company machines; a behavior that was up 4 percent over last year.67 percent of assessments uncovered cases where malicious employees were visiting inappropriate and risky gaming, gambling and pornography websites; up 8 percent over last year.An assessment exposed a “revenge” attack, where a malicious employee filled out online forms with a senior staff member’s contact details, this caused the target’s inbox and phone to be overrun with nuisance emails and calls.

To conduct the threat assessments covered in the report, Dtex analyzed anonymized data about user behaviors taking place on public and private sector organizations’ endpoints. The data was compared to more than 5,000 known bad-behavior patterns and then turned into intelligence that revealed where insider threat patterns were active. Organizations examined are based in North America, South America and Europe. They included small, midsize and large multinational corporations in a wide range of industries: financial services, legal, technology, public sector, energy, retail, transportation, real estate, and pharmaceutical. Organizations reviewed span the small, mid-size and large categories. Some employ as few as 500, others more than 100,000. To access the full report visit:

Supporting Quotes

“While malicious users are always looking for new ways to defy security controls, not all internal risk comes from bad intent. Trusted employees don’t always understand when they are engaged in damaging activities and can fall prey to bad actors looking to steal their credentials. The lack of visibility into all types of user behaviors is creating employee-driven vulnerability problems for every business,” said Christy Wyatt, CEO, Dtex Systems. “Organizations have to secure data, neutralize risky behaviors and protect trusted employees against attacks and their own errors. To accomplish all of this, they have to see how their people are behaving and have a mechanism that provides alerts when things go wrong.”

“Organizations come to us because they know their employees are engaged in risky behaviors. They usually have no clue of how wide spread these activities are until after we eliminate the insider threat blind spot for them,” said Rajan Koo, vice president of customer engineering and lead threat researcher. “After we provide them with intelligence that shows them where risk exists, they are able to take steps to mitigate situations before they worsen.”

“Business needs to get out of the cybersecurity denial phase it is stuck in. To do this, it must accept that it needs more visibility into what’s going on in its environment,” said IT-Harvest Chief Research Analyst and Charles Stuart University Lecturer Richard Stiennon. “This report is a needed reminder of just how oblivious organizations are to high-risk activities that lead to things like data breaches, ransomware attacks and IP theft.”

About Dtex Systems

Dtex Systems arms enterprises across the globe with revolutionary technology to protect against user threats, data breaches, and outsider infiltration. As the only solution combining unparalleled endpoint visibility with advanced analytics, Dtex is able to pinpoint threats with greater accuracy than traditional security methods without adversely impacting user productivity. To learn more, visit