Privileged Use Also a State of Mind, Report Finds

A new insider threat report from Raytheon and Ponemon reveals a privileged user mindset.

Most users with privileged access say they peek at their organizations sensitive or confidential data out of curiosity -- not as part of their work, a new study finds.
According to a
Ponemon Institute report
commissioned by Raytheon (registration required), 73% of privileged users -- network engineers, database administrators, security professionals, and cloud computing administrators -- say they are authorized to view all the information they can via their user privileges, and 65% of them do so merely because they are curious about the information.
Theres the human factor: [the ones] where its not their job to go exploring. Over half are accessing that information just because they want to see whats out there, says Michael Crouse, director of insider threat strategies at Raytheon. A person being curious and then exposes [data] could do damage to the company.
Crouse says the Ponemon report also shows how many of these users have a sense of superiority merely because they have such vast access to data in their organizations. That tells me thats alarming to a CIO or CISO. The danger is that these entitled users may feel above the law and free to snoop at data unnecessarily.
According to the report, 83% of organizations say insider threats are worrisome, but they have trouble spotting potential insider threat activity. Nearly 70% say their security tools dont provide the analysis and context to determine intent behind incidents, and nearly 60% say their tools flood them with false positives.
Nearly half say a malicious insider likely could use social engineering or other ways to get another users data access privileges, and 45% say outside attackers could socially engineer and target privileged users to gain access to their enterprise infrastructure.
Half of the respondents consider customer data most at risk, while 59% say general business information is in the bulls eye. A little more than 70% use authentication and identity management tools to track and manage insider threat issues.
Weve spoken to [enterprises] around the country and internationally, and they dont want to be the next Booz Allen or government agency with a malicious insider, Crouse says. They are trying to stay out of the limelight.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Privileged Use Also a State of Mind, Report Finds