SOURCE: Attachmate


September 22, 2011 11:00 ET

New Ponemon Research: Insider Fraud Is Common and Often Flies Under Corporate Radar

Data Shows the Increased Need for an Enterprise Fraud Management Solution

SEATTLE, WA--(Marketwire - Sep 22, 2011) - It's easy to point fingers when another organization has an insider fraud incident. But information from the new Survey on the Risk of Insider Fraud by Attachmate Corporation and Ponemon Institute shows that more organizations need to turn a scrutinizing eye toward their own risk.

The survey encompassed more than 700 organizations and revealed some alarming data security trends:

  • More than 75 percent of the respondents indicated that privileged users within their own institutions had or were likely to turn off or alter application controls to change sensitive information -- and then reset the controls to cover their tracks.
  • Eighty-one percent replied that individuals at their institutions either had used or were likely to use someone else's credentials to gain elevated rights or bypass separation of duty controls.
  • On average, respondents noted that their organizations experienced more than one incident of employee-related fraud per week -- about 53 in a year's time (infographic available). Twenty-four percent of respondents indicated that their organizations experienced more than 100 incidents in the past 12 months.
  • Once an incident has occurred, it takes organizations an average of 89 days to discover it, and an additional 96 days to uncover the root cause and determine the consequences to the organization.
  • A majority of respondents -- or 62 percent -- were unable or unsure of their ability to assess the financial impact and true costs of fraud.
  • Approximately two-thirds of internal fraud investigations do not result in actionable evidence against the perpetrators, meaning a majority of the incidents go unpunished and leave organizations vulnerable to additional incidents.

"This data demonstrates that employee actions across an enterprise are not visible," said Larry Ponemon, chairman and founder of the Ponemon Institute. "While organizations may have policies in place that are meant to curtail insider fraud, what's on paper doesn't necessarily lead to compliance."

In fact, 52 percent of respondents noted that they do not believe they have the appropriate technologies to prevent or quickly detect insider fraud, including employees' misuse of IT resources. Traditionally, IT departments review log files to analyze employee activity. However, 78 percent of respondents believe the manual review of log files is an inadequate method for observing questionable or suspicious employee access and computing activities.

"In a recent incident at a prominent financial institution, part of the issue with insider trading came down to the fact that the trader was straddling more than one surveillance team. The log files from each surveillance team did not see activity in other compliance units," said Christine Meyers, director of Attachmate's enterprise fraud management solutions. "Next-generation enterprise fraud management solutions, such as Attachmate® Luminet™, are able to correlate cross-channel activity, score risk and provide a screen-by-screen replay of what actually occurred. Add to that the proven deterrence factor that arises from being able to see and monitor use and abuse, and you can see why customers chose to deploy this technology."

According to the research findings, another reason insider fraud is so prevalent may be due to the fact that it does not register on a list of organizational priorities for many CEOs and C-level executives. Only 16 percent of survey respondents indicated that CEOs and other C-level executives recognized the risks of insider fraud as very significant. Organizations face significant consequences from internal incidents, such as financial implications, reputation damage, and/or theft of sensitive or confidential information. Yet, insider fraud remains a high risk for organizations, mostly because they fail to implement sufficient resources to prevent or quickly detect insider fraud.

"By highlighting this data, we hope to encourage organizations to realize they are not immune," said Meyers. "Insider threat is a real and growing risk. It is the kind of threat that gets worse the longer you fail to take action. Institutions are increasingly being held accountable for failing to address this critical issue. Wringing our collective hands and claiming 'nothing can be done' is to concede defeat. Organizations with leadership and vision are taking a stand and seeking solutions today before they become tomorrow's headline."

The Ponemon Institute and Attachmate Luminet will review the findings further in a live webcast on Monday, Sept. 26, at 1 p.m. ET (10 a.m. PT). To register for the event, please visit

For information about Attachmate Luminet enterprise fraud management software and customer use scenarios, visit

About Attachmate Luminet
Attachmate Luminet helps organizations detect fraud, support audits and get compliant. Luminet monitors user transactions across multiple data channels providing visibility into user activity across enterprise applications. Data is captured -- screen by screen, keystroke by keystroke -- giving investigators and auditors the insight they need to take action. With Luminet, organizations across every industry -- from banking and insurance to retail, healthcare, and government -- can proactively stop insider fraud, support their compliance efforts, and get ahead of the audit curve.

About Attachmate
Attachmate, a business unit of The Attachmate Group, delivers advanced software for terminal emulation, legacy modernization, managed file transfer, and enterprise fraud management. With our trusted technologies, businesses around the world are putting their IT assets to work in new and meaningful ways. Founded in 1981, Attachmate has accounts in the Global 10,000 enterprises. We are committed to delivering high-quality products, providing exceptional customer service, and being easy to do business with. Attachmate is one of four business units in the privately-held software holding company called The Attachmate Group, Inc. The other three business units are Novell, NetIQ, and SUSE. For more information, visit

About Ponemon Institute
The Ponemon Institute is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries. For more information, visit

Copyright© 2011 Attachmate Corporation. All Rights Reserved. Attachmate and the Attachmate logo are registered trademarks of Attachmate Corporation. NetIQ and the NetIQ logo are trademarks or registered trademarks of NetIQ Corporation. Novell, the Novell logo, SUSE and the SUSE logo are registered trademarks of Novell, Inc. All other trademarks, trade names, or company names referenced herein are used for identification only and are the property of their respective owners.

Note to Media: The executive summary of the survey and additional infographics are available upon request.

Contact Information