Join Our Newsletter

تحت رعاية سمو الشيخ منصور بن زايد آل نهيان نائب رئيس مجلس الوزراء وزير شؤون الرئاسة في دولة الإمارات العربية المتحدة

Under the patronage of H.H. Sheikh Mansour Bin Zayed Al Nahyan Deputy Prime Minister, Minister of Presidential Affairs of the UAE

New to site?


Login

Lost password? (X)

Already have an account?


Signup

(X)

[Employees hide 40% of businesses security problems to avoid punishment]

11
Jul 2017

Employees hide 40% of businesses security problems to avoid punishment

Kaspersky Lab announced a new report, “Human Factor in IT Security: How Employees are Making Businesses Vulnerable from Within,” that found employees hide IT security incidents in 40 percent of businesses across the globe to avoid punishment.

Larger-sized businesses seemed to suffer the most from employees hiding their security problems.

45% of enterprises (over 1,000 employees) experience employees hiding cybersecurity incidents, with 42% of SMBs (50 to 999 employees), and only 29% of VSBs (under 49 employees).

 

The survey also found that the uninformed or careless employees are one of the most likely causes of a cybersecurity incident — only second to malware.

The surprising reality is that the human factor can pose an even greater danger.

46% of IT security incidents are caused by employees each year – that’s nearly half of the business security issues faced triggered by employee behavior.

Staff hiding the incidents that they have encountered may lead to dramatic consequences for businesses, increasing the overall damage caused.

Even one unreported event could indicate a much larger breach, and security teams need to be able to quickly identify the threats they are up against to choose the right mitigation tactics.

Reporting and ‘learn by mistake’ approach is the best industrial security model.

For example, Tesla’s Elon Musk requested every incident affecting worker safety to be reported directly to him, so that he can play a central role in change.

Same approach can be applied to company security.

The survey found that businesses worry the most about employees sharing inappropriate data via mobile devices (47%), the physical loss of mobile devices exposing their company to risk (46%) and the use of inappropriate IT resources by employees (44%).

Advanced hackers prefer to use custom-made malware and high-tech techniques to plan a heist, but they will most probably start with exploiting the easiest entry point – the human factor.

According to the research, every third (28%) targeted attack on businesses in 2016 had phishing/social engineering at its source.

Sophisticated targeted attacks do not happen to organizations every day – but conventional malware does strike at mass.

Unfortunately though, the research also shows that even where malware is concerned, unaware and careless employees are also often involved, causing malware infections in more than half (53%) of incidents that occurred globally.


Related Posts