RSA Conference Survey: 37% of Respondents Have an Insider Threat Policy in Place for Cloud

March 3, 2016 Jamie Barnett

Greetings from RSA Conference 2016 — or as some are probably calling it, “any Best Buy on the eve of Black Friday.” The expo floor is more packed than ever, and it’s clear that IT departments from around the world are focused on evolving their security strategies to align with the reality of today’s cloud-driven, mobile-first workplace.

At Netskope, we’re of course most interested in the ever-growing volume of cloud apps used within enterprises, and how that impacts IT. As we noted in our February 2016 cloud report, enterprises are now using on average a total of 917 cloud apps — the vast majority of which are unsanctioned by IT, and 94 percent of which are not enterprise-ready. It’s the highest total we’ve recorded since we first started publishing our Cloud Report, and a 21 percent increase from the previous Cloud Report.

So, what does IT make of this ever-growing total of cloud apps with which they’re tasked to manage? We asked some of those in attendance at RSA, and came away with some interesting findings about the correlation between cloud apps and insider threats, and the need for a more unified strategy to meet this growing concern:

More Cloud Apps = More Insider Threats

An overwhelming majority (90 percent) of those polled said they believed there was a strong correlation between adding more cloud apps and a greater risk of insider threats. Interestingly, they also noted that far more often than not cloud app-based insider threats are unintentional. In most cases, employees were not acting maliciously, but rather exposing sensitive data via unsanctioned cloud apps too.

Cloud Apps are a Growing Threat Vector, but IT STILL Lacks a Unified Strategy to Deal

While nobody argues that cloud apps are enabling much greater productivity and collaboration for today’s mobile workforce, there’s equal consensus (99 percent, to be specific) that cloud apps are a growing threat vector.

In most cases, though, there’s still no central strategy to deal with this. The farther away one gets from the traditional data center, the more vulnerable cloud apps become. Of note, only 37 percent of businesses have policies in place to address cloud-based threats.

While most respondents acknowledged having at least some type of policy in place to deal with insider threats in general, those policies were largely disjointed. Respondents reported that they had insider threat policies in place for the following areas:  

  • Network (63%)
  • Cloud / SaaS (37%)
  • Personal Mobile Devices (40%)
  • Company-Issued Mobile Devices (49%)
  • Other (23%)

The Times, They Are A-Changing

In light of all of the high profile breaches over the past year, more than 70 percent of respondents reported they had either increased, or planned to increase, their budget to better address threats in 2016. It’s safe to assume that number will grow even higher as IT adapts to the new reality.

When it comes to securing yourself against cloud apps, Netskope has you covered. And it’s not too late to say hi at RSA this week; visit us at booth S1645 and catch a demo of our cloud access security broker.

About This Survey:

  • Data were collected on the RSA expo floor on March 1, 2016
  • 103 unique responses were collected

The post RSA Conference Survey: 37% of Respondents Have an Insider Threat Policy in Place for Cloud appeared first on Netskope.

Previous Article
RSA 2016: The week of the cloud access security broker
RSA 2016: The week of the cloud access security broker

As the 25th RSA Conference was winding down last week in San Francisco, I took some time to reflect on the ...

Next Article
Cloud Apps Face an Uphill Battle for GDPR Compliance
Cloud Apps Face an Uphill Battle for GDPR Compliance

As the marketing leader for Netskope in EMEA, I have been consumed lately with a topic that’s top-of-mind f...