Join our panel during Black Hat 2024 – Blurred Lines: Investigating the Convergence of Internal and External Threats



A Human-centric Approach to Operational Awareness and Risk Management.

Insider Risk Insights - DTEX Blog
  • Home
  • Press
  • Most Organizations Lack Formal Insider Threat Incident Response Plan, Finds SANS and Dtex Systems Survey

Most Organizations Lack Formal Insider Threat Incident Response Plan, Finds SANS and Dtex Systems Survey

Many Unaware of Potential Financial Loss Once Insider Incident Occurs

SAN JOSE, CA – Aug 7, 2017 – Dtex Systems, a leader in user behavior intelligence and insider threat detection, in partnership with SANS released an industry report titled “Defending Against the Wrong Enemy: 2017 SANS Insider Threat Survey.” The report reveals numerous findings related to the insider threat. Key among them are that most organizations do not realize that insider-related attacks can cause serious damage, with 45 percent of respondents reporting that they do not know the potential for financial losses associated with an insider incident and 33 percent reporting that they do not know how much related losses are costing their organizations. This finding was especially troubling when taken into consideration with facts from a recent Ponemon report which revealed that organizations were spending upwards of $4.3 million to mitigate, address and resolve insider-related incidents.

Most alarmingly, the SANS report found that only 18 percent of respondents acknowledge having a formal incident response plan with specific provisions for insider threats and 38 percent of those with response plans admit that their detection and prevention capabilities are ineffective. This indicates that when it comes to winning at cybersecurity, organizations are just starting to focus on the easiest attack vector: the insider.

“It’s no surprise that insiders pose the greatest threat to cybersecurity because they are often the most vulnerable. As organizations increase perimeter security and lock down their systems, their servers have become more difficult to compromise, but it leaves insiders as the easiest target,” said Christy Wyatt, CEO at Dtex Systems. “The answer involves filling the gaps where some malware detection tools, endpoint based anti-virus platforms and user behavior analytics solutions fall short. The need for visibility into user behavior while keeping employee privacy intact has never been greater.”

The survey unveils that the insider threat continues to elude most organizations, particularly the level of damage it can create. Among some of the more salient findings revealed in the report are:

Most believe they’ve never experienced an insider attack — 68 percent of enterprises assessed believe they’ve never experienced an insider attack, but Dtex’s own assessments show that 64 percent of corporate data is publicly accessible in the cloud, 95 percent of companies researched saw employees researching, installing or using security and vulnerability testing tools and 56 percent of assessments found the potential for corporate data theft by leaving or joining employees. These findings indicate that insider threats not only continue to thrive within organizations but are growing exponentially.Malicious insiders continue to be a top concern — 40 percent of respondents rate malicious insiders as the most damaging threat vector organizations face while 36 percent rate the accidental or negligent user as most damaging. Regardless of intent, insiders are putting their organizations at risk without proper monitoring and visibility.

“For most, detecting and managing internal threats is a Herculean task because of all the unknowns associated with this attack vector. It’s easier to focus on external threats,” said Pramod Cherukumilli, Head of Product Management at Dtex Systems. “Dtex proactively conducts ongoing insider threat assessments with its privacy-compliant technology, often finding threats in organizations that use the most prevalent tools including SIEM, log management, DLP, network monitoring and more.”

For more details around managing internal threats, download the “Defending Against the Wrong Enemy: 2017 SANS Insider Threat Survey” here:

About Dtex Systems

Dtex Systems arms enterprises across the globe with revolutionary technology to protect against user threats, data breaches, and outsider infiltration. As the only solution combining unparalleled endpoint visibility with advanced analytics, Dtex is able to pinpoint threats with greater accuracy than traditional security methods without adversely impacting user productivity. To learn more, visit