Inside security threats triggered by employees' negligence putting firms at risk

With pandemic-led digital shift and many employees being forced to have a hand-on-technology for their work, the cybersecurity risks have surged multi-fold. Probably, at a time when all the efforts are being made to fix the threats externally, it has been seen that firms are equally fighting hard from within as insider threats has become the key security issue for experts today.

Insider threats caused by careless or negligent employees are the most prevalent. 56% of incidents experienced by organisations were due to negligence of employees or contractors, according to a Ponemon institute report  

Insider threats have increased in both frequency and cost over the past two years. Credential thefts, for example, have almost doubled in number since 2020. This year, Ponemon institute interviewed 1,004 IT and IT security practitioners in 278 organisations that experienced one or more material events caused by an insider.  

Ponemon institute has categorised insider threats as; a careless or negligent employee or contractor; a criminal or malicious insider; or a credential thief.  

For the past two years, employees are left with little option but to work remotely. At the onset of the pandemic many perceived as a transitory phase or a momentary experiment. Fast forward to today, there is only uncertainly looming with the nature of workspace and work culture that is to unfurl, especially with organisations downsizing its office capacity. Given that, several employees are staring at more tech than they are actually fit for. This has led to a lot of insider security threats.  

According to the findings, despite insider threats having increased across all three insider threat profiles, insider threats triggered by careless or negligent employees are the most rampant. More than half of incidents experienced by organisations represented in this research were due to negligence, and the average annual cost to remediate the incident was $6.6 million.  

The negligent insider is the main reason of most incidents. “A total of 3,807 attacks, or 56%, were caused by employee or contractor negligence, costing on average $484,931 per incident. This could be the result of a variety of factors, including not ensuring their devices are secured, not following the company’s security policy, or forgetting to patch and upgrade,” it said.  

That report stated that malicious insiders caused 26% or 1,749 incidents at an average cost per incident of $648,062.   

“Malicious insiders are employees or authorised individuals who use their data access for harmful, unethical or illegal activities. Because employees are increasingly granted access to more information to enhance productivity in today’s work-from anywhere workforce, malicious insiders are harder to detect than external attackers or hackers,” it added.  

Credential theft incidents have almost doubled since the last study, the report mentioned.   

“At an average of $804,997 per incident, credential theft is the costliest to remediate. The intent of the credential thief is to steal users’ credentials that will grant them access to critical data and information. A favourite technique for many of these credential thieves is social engineering attacks, primarily phishing,” according to the study.