Employee’s Secret IT Habits: A Cyber Attack Waiting to Happen!

According to a report by cybersecurity firm Kaspersky, 89% of Indian organisations have suffered cyber incidents in the last two years, with 20% of these incidents caused by the use of shadow IT. Globally, the use of shadow IT by employees has caused cyber incidents in 11% of organisations over the same time period. Shadow IT refers to the use of IT infrastructure outside of the control of a company’s IT and information security departments, including software, applications, unsolicited devices, and public cloud services. The report warns that the use of shadow IT by employees, especially with the increasing trend towards remote and distributed workforces, puts organisations at a high risk of cyber incidents. The study also revealed that the IT industry has been the hardest hit by shadow IT incidents, followed by critical infrastructure, transport, and logistics organizations. To mitigate the risks of shadow IT, the report recommends building cooperation between the business and IT departments, regularly conducting inventories of IT assets, implementing access control systems, providing training programs to improve employee information security literacy, and deploying products and solutions to limit the use of unsolicited apps and websites.