The common conception with cyber risk is that nearly all attacks come from cybercriminals and ransomware. However, Kroll’s Global Fraud & Risk Report found out that most of the time is a companies current and former employees who are behind most of the cyber security incidents.
With the increasing in amount of attacks and damage around the world through cyberespionage and ransomware attacks, it only makes sense for companies to associate with thinking their largest threats are all external. What the Global Fraud & Risk Report from Kroll found was actually the opposite.
Based on a survey consiting of 540 senior executives spread out among 6 continents the results found the report were alarming.
Ex-employees were prevelant with 37% of security incidents while an additional 25% of security incidents were caused by mid to senior level employees. Random cyber attacks are still the most prevelant but they are followed closely by ex-employee attacks.
“Alan Brill, senior managing director with Kroll’s cyber security and investigations practice, noted that oftentimes, organizations will concentrate too much on high-tech cybersecurity needs, such as protecting their networks, and miss the fact that their biggest ‘risk factor comes from those who have access to sensitive information.'”
Kroll identified one of the major factors causing this is a lack of ensuring that a former employee has zero access to any of the enterprise systems. In this survey. 80% of companies took measures to reduce this risk. Over 80% had employee restrictions from downloading software and over 75% had internal cybersecurity policies in procedures.
This article contains extracts from “It’s Not Just CyberCriminals: Insider Threats Still a Top Risk for Corporations” to read the original article by Rhys Dipshan visit Law.com