Annual Data Exposure Report 2022: Part I
Exponential growth, lagging indicators, flattening the curve — the pandemic forced us all to get familiar with concepts like these. And these same ideas are extremely relevant to how we should all be thinking about Insider Risk right now. We just got our hands on the findings from our Annual Data Exposure Report 2022, and it showed an alarming trend: Almost every company today is dealing with Insider Risk — 3 in 4 admit Insider Risk is a big problem. But awareness of the problem is a “lagging indicator” of what’s really going on inside most organizations.
The proliferation of cloud tech keeps accelerating Insider Risk — amplified by the not-going-away-anytime-soon Great Resignation and the here-to-stay shift to hybrid-remote work models. Cybersecurity practitioners are sounding the alarm bells on exponentially growing Insider Risk. Yet when it comes to Insider Risk mitigation, budgets aren’t shifting to compensate — and most companies haven’t prioritized improving their Insider Risk management capabilities. Awareness without action is leaving a huge gap: 71% of companies still don’t know what and how much sensitive data is moving outside corporate visibility — or walking out the door with departing employees.
The numbers you need to know
Our Annual Data Exposure Report 2022 study, conducted by Vanson Bourne, surveyed 700 business leaders, security leaders and practitioners from companies in the U.S. Just as with past years’ surveys, the goal was to take the pulse of the cybersecurity world’s data protection challenges. Here are some of the highlights — or lowlights:
- 96% of companies experience challenges protecting corporate data from Insider Risks and 73% report Insider Risk is a big problem within their company.
- There is a one in three (37%) chance your company loses IP when an employee quits.
- 71% of respondents are concerned about their lack of visibility over what and how much sensitive data departing employees take to other companies.
- Only 21% of companies’ cybersecurity budgets have a dedicated component to mitigate Insider Risk — a slight increase from last year’s Annual Data Exposure Report.
But the numbers only tell part of the story here. Digging into the challenges our survey respondents reported, three key trends are clearly driving rising Insider Risk in almost every organization. In this blog, we’ll dive into the first trend. Be sure to come back for two more blogs where we’ll explore the second and third trends:
- Cloud technologies drive the modern workforce: The continued adoption of cloud technologies by the hybrid-remote workforce – and security’s lack of visibility into data as it moves across those technologies.
- The Great Resignation: Sustained, high turnover increasing the risk of IP theft by departing employees.
- Internal misalignment on Insider Risk: Ongoing misunderstanding and poor communication between stakeholders at the board, security leadership and security practitioner levels.
Cloud tech powers the hybrid-remote workforce — and increases Insider Risk
The accelerating cloud shift got turbocharged by the pandemic. It’s now beyond question that cloud apps make it more seamless to connect from anywhere, easier to share and collaborate, and faster to get work done and move value to market. It’s also clear that the hybrid-remote workforce is here to stay in most organizations. Companies are still figuring out what that balance looks like, but a recent PwC study found fewer than 1 in 4 workers are willing to return to “almost entirely in the office” work models. Wherever companies land on this, cloud apps are the engine that now powers the modern hybrid-remote workforce.
But these cloud super-tools have their own kryptonite: The same capabilities that empower employees to connect, create and collaborate faster and easier also make it faster and easier to exfiltrate data (intentionally or unintentionally). I mentioned this in my last Incydr Scoop post: Removable media (thumb drives, etc.) is trending down as an exfiltration vector, while cloud exfiltration is skyrocketing — up 51% just since Q3 2021. I’ll say this loudly for everyone to hear: We predict that exfiltration via cloud services will become the exfiltration vector of choice in early 2022.
The problem here isn’t just that employees are exfiltrating files via cloud apps. It’s that cloud visibility is a huge blind spot for most security teams. This is especially true for files moved to an untrusted or unauthorized location (i.e., not within the corporate cloud environment) — or for companies using outdated data protection tools like DLP that can’t see cloud activity because they were built for an age before the cloud. The 2022 Data Exposure Report survey reflects these realities: 71% of cybersecurity professionals are concerned about sensitive data hosted outside of corporate storage where security teams lack visibility.