Less Than 25 Percent of Businesses Assess Employee Risk Post-Hire

May 3, 2017

While more than 98% of businesses conduct pre-hire background checks on potential new employees, less than one-quarter of businesses proactively screen current employees - exposing CXOs and Boards to significant safety, security and compliance risks. However, business and security executives are three times more interested in closing the employee security gap than HR and IT, according to the Endera Insider Risk Survey.

1 in 1,000 employees are arrested every month, but only 1 in 4 CXOs surveyed believe they would know if an employee had a recent criminal incident - as most businesses cease background screenings at the point of hire. At the same time, insider threat management cybersecurity tools focus only on data and device level behavior, data loss prevention or identity and access management – creating a blind spot for executives increasingly accountable for risks posed by employee behavior.

Additional key findings include:

The survey reveals that less than 30% of senior executives say they would know if an employee was arrested, put on a criminal watch list, or lost a key certification or license. But CXOs overwhelmingly want to close this insider risk blind spot:

91% want to know if an employee has been added to a criminal watchlist
82% want to know if an employee is booked or arrested
53% want to know if an employee loses a key certification
48% want to know if an employee is in financial distress
33% want to know if an employee is involved in a lawsuit

Background checks have historically been seen as an HR function, and IT does a lot to detect insider threats. However, the Endera survey reveals general business and security executives are the most interested closing the post-hire security gap. 79 percent of security executives and 81% of operations executives would screen or consider screening their entire workforce every day if they could.

For service companies, where employees interact directly with customers or have access to customers’ valuable assets, the insider threat risk is even greater. The Endera survey finds service companies are more than twice as likely to want employee risk alerts as their counterparts in other industries.

Within the service industry, the risk to executives in fast growing “on-demand” workforces with significant interaction between customers and employees/contractors, such as those in transportation and home health care, have become particularly complex and acute.

The survey of 278 business executives in varying roles and industries was conducted in December 2016. Survey data is also available segmented by small businesses, mid-sized firms and large enterprises.

http://lp.endera.com/rs/769-LZZ-364/images/Endera%20Survey%20eBook%20031617.pdf

You must login or register in order to post a comment.

In this webinar, security expert Pieter Danhieux explores how CISOs and CIOs can inspire real change, fostering a positive security culture that enables their development teams to become more security-aware, more aligned with internal AppSec specialists and, ultimately, securing code as it is written.

Healthcare organizations often overlook the security needs of freestanding clinics and offices. In this webinar, Alan Lynch, Network Director of Safety & Security for St. Luke’s University Health Network, headquartered in Bethlehem, Pa., offers best practices to help you address the security risks in ambulatory care centers and physician offices.

Security Magazine

2019 September

Our special report this month features 26 security leaders who are changing the industry, inspiring many and leading with innovation. Security experts discuss the CCPA, public-private relationships, mobile device security and how aware employees can mitigate active shooter events and workplace violence.

View More Subscribe

Less Than 25 Percent of Businesses Assess Employee Risk Post-Hire

Related Articles

Report Abusive Comment