Employees, not hackers, pose the biggest security threat.

December 18, 2023

Employees may pose a higher security risk to businesses than external hackers, according to a study conducted by IT security company, Imperva. The research found that internal security breaches and data abuses accounted for 58% of sensitive data incidents.

  • 61% of these insider incidents weren’t simple mistakes. Instead, they were attributed to deliberate abuse or malicious intent from employees.
  • Despite this, 60% of IT and data security professionals prioritize combating external threats rather than internal risks.
  • The report also highlights that 72% of organizations have no strategy to handle insider threats.

One potential driving factor behind the rise in insider threats could be the cost-of-living crisis, prompting employees to sell sensitive data and intellectual property to competitors. Aside from financial crimes, other motivators for insider attacks include revenge from disgruntled employees who are leaving the company.

Even in cases where there’s no malicious intent, employees can still pose a threat to a company’s cybersecurity by neglecting to follow IT security policies. For example, cybersecurity firm Armis found that more than two-thirds of UK businesses are put at risk by employees downloading non-approved software onto their work devices.

The rise in remote working may be exacerbating these insider threats by reducing corporate security controls and supervision. Furthermore, the increasing complexity of enterprise systems and the pressure to adopt new technologies can make it harder to manage these risks.

To mitigate the risk of insider threats, businesses are recommended to implement a ‘zero-trust security model,’ granting employees the minimum level of access needed to perform their tasks. This strategy significantly reduces the potential attack surface.
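The recommendation above is the principle of least privilege. The following script is an added example written for this page (it is not part of the article and not code from Imperva or any vendor); it audits a constructed set of employees, comparing the permissions each has been granted against the permissions their tasks actually require, and measures how many sensitive resources an account could reach before and after trimming access to the minimum. The permission catalogue, resource names and employees are all made-up sample data.

```python
"""
Least-privilege audit (added example, constructed data).

For each employee we hold two sets: the permissions currently granted and
the permissions the job genuinely requires. The audit reports excess and
missing permissions and computes "exposure": the number of sensitive
resources a compromised or misused account could reach, summed over all
accounts. Cutting every account back to its required set shrinks that
number, which is the attack-surface reduction the article refers to.
"""
from dataclasses import dataclass

# Constructed catalogue: permission -> sensitive resources it exposes.
PERMISSION_RESOURCES = {
    "crm:read":        {"customer_pii"},
    "crm:export":      {"customer_pii", "sales_pipeline"},
    "hr:read":         {"salary_data"},
    "finance:read":    {"ledger"},
    "finance:approve": {"ledger", "bank_accounts"},
    "eng:source":      {"source_code"},
    "eng:deploy":      {"source_code", "prod_secrets"},
}


@dataclass
class Employee:
    name: str
    granted: set   # permissions the account currently holds
    required: set  # permissions the role actually needs


def excess_permissions(emp: Employee) -> set:
    """Granted permissions that no task of this employee requires."""
    return emp.granted - emp.required


def missing_permissions(emp: Employee) -> set:
    """Required permissions the account lacks (least privilege is not under-privilege)."""
    return emp.required - emp.granted


def reachable_resources(permissions: set) -> set:
    """Union of sensitive resources exposed by a permission set."""
    out = set()
    for p in permissions:
        out |= PERMISSION_RESOURCES.get(p, set())
    return out


def audit(employees: list) -> dict:
    """Per-account findings plus aggregate exposure before and after right-sizing."""
    findings = {}
    exposure_before = 0
    exposure_after = 0
    for e in employees:
        before = reachable_resources(e.granted)
        after = reachable_resources(e.required)
        exposure_before += len(before)
        exposure_after += len(after)
        findings[e.name] = {
            "excess": sorted(excess_permissions(e)),
            "missing": sorted(missing_permissions(e)),
            "resources_before": sorted(before),
            "resources_after": sorted(after),
        }
    return {
        "findings": findings,
        "overprivileged": [n for n, f in findings.items() if f["excess"]],
        "exposure_before": exposure_before,
        "exposure_after": exposure_after,
    }


# Constructed sample accounts (hypothetical names and roles).
SAMPLE_EMPLOYEES = [
    Employee("alice", {"crm:read", "crm:export", "finance:read"}, {"crm:read"}),
    Employee("bob", {"eng:source", "eng:deploy", "hr:read"}, {"eng:source", "eng:deploy"}),
    Employee("carol", {"hr:read", "finance:approve"}, {"hr:read", "finance:read"}),
]

if __name__ == "__main__":
    report = audit(SAMPLE_EMPLOYEES)
    for name, f in report["findings"].items():
        print(f"{name}: excess={f['excess']} missing={f['missing']} "
              f"reach {len(f['resources_before'])} -> {len(f['resources_after'])} resources")
    print("over-privileged accounts:", report["overprivileged"])
    print("total exposure:", report["exposure_before"], "->", report["exposure_after"])
```

Running it on the sample data lists all three accounts as over-privileged and shows total exposure dropping from 9 account-resource pairs to 5. The `missing` field matters as much as `excess`: a least-privilege programme that only removes access pushes people toward the workarounds (shared accounts, unapproved tools) that the article describes as another source of insider risk.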

Other solutions include involving the board in cybersecurity strategies, rethinking the language used to describe employees as ‘the weakest link,’ and providing effective security training — all crucial in turning a ‘weak link’ into a strong defense line.

While monitoring employee activity can be a way of managing insider threats, firms need to consider the legal implications and potential detrimental impact on morale and trust. Treating employees well and maintaining a positive working environment can go a long way in preventing disgruntlement and malicious behaviour.
