SC Media recently reported on an Insider Threat Intelligence Report from Dtex Systems which found that 95 percent of enterprises surveyed had employees actively circumventing corporate security protocols.
59 percent of the organizations had experienced instances of employees accessing pornographic websites during the work day and 43 percent had users who were engaged in online gambling activities over corporate networks.
While inappropriate Internet use was to blame for some of the breaches in security protocol, malicious threats were also responsible for some of the unauthorized activity. The report found that 60 percent of all attacks are carried out by insiders and 68 percent of all insider breaches were due to simple negligence, while 22 percent were from malicious activity by a staffer and 10 percent were related to credential theft.
During the first and last two weeks of a person's employment, 56 percent of organizations saw potential data theft take place from leaving or joining employees.
Dtex Systems Senior Vice President Rajan Koo said "the large majority of those looking to bypass security protocols are doing so for recreational purposes, such as to use a blocked social media site on company networks." And of course, they tell other employees, so bypassing company protocols becomes a matter of routine.
As we lecture all the time, your employees are your greatest security threat – they may not have any malicious intent, but their determination to do whatever they want can cause a lot of security mischief.
E-mail: firstname.lastname@example.org Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology