When it comes to cybercrime, it is easy to imagine that the greatest risk to a company’s data is an external threat.
However, more and more companies are realizing that their trusted and trained employees can also be a huge threat.
This is the result of a recent survey by “Haystax Technology”, which states that 74% of the organizations that responded said that they “feel vulnerable to internal threats”, with 56% of security experts saying that lately threats from within have become increasingly common. As stated, while some attacks and system violations are deliberately caused by employees, many happen because of negligence; perhaps ignoring a warning.
The report states that “Haystax” researchers have identified 3 types of workers that may pose a threat to a company’s systems and data:
- workers who, while having innocent intentions, nevertheless manage to cause damage,
- those who are careless and
- those who have some purpose.
When it comes to data breaches, “innocent” employees can cause as much damage as cybercriminals.
According to the survey, local authorities in the Norfolk, Suffolk and Cambridge areas of the United Kingdom recorded 160 violations in their systems in 2014-2015. The majority of these were due to “human error”.
Another factor is “negligence”. A survey conducted by Google in 2013 concluded that about 70% of the security warnings displayed on Chrome pop-up windows are systematically ignored by users. This means that the internet browser is not updated with the latest security releases, which leaves the systems vulnerable to external attacks.
Finally, just like “human error”, malicious actions by employees also play a role in personal data breaches. This is usually the case when a dissatisfied employee seeks “revenge” on the company he works for.
According to a survey conducted by “Nuix” in 2016, 93% of respondents said that “human behavior” is the greatest risk to data protection.
As “Haystax” says in its report, perhaps the most reasonable step that employers could do is to ensure that everyone without exception is aware of the possible impact of their actions and how they can avoid unintentional loss of data.
(Συνολικές Επισκέψεις: / Total Visits: 24)
(Σημερινές Επισκέψεις: / Today's Visits: 1)