Contractors/Freelancers Cause of Most Workforce Related Security Incidents
A new report reveals that nearly half of businesses are unaware of any potential employee issues prior to a workforce incident, and 87 percent say third-party contractors and freelancers are the cause of the risk.
The Security Executives on the Future of Insider Threat Management report by Endera examines the business impacts of workforce related incidents and the major challenges found in securing the modern day workforce.
The survey found:
● On average, companies suffer from at least 3 workforce related incidents a week – that adds up to 156 incidents per year
● 87% of security executives reported that contractors/freelancers are most likely to be the cause of workforce related security incidents at their company; Two-thirds (64%) reported that supply chain/third party vendors were the most likely cause
● 55% of respondents admit they are struggling to limit the number of workforce related incidents and 44% are not aware of any potential workforce or personnel issues prior to an incident
● Almost 40% of respondents reported that their workforce had lost confidence in the organization's ability to keep them safe
● 75% of respondents report that their organizations conduct background checks prior to hiring members of the workforce, but only just under half (48%) report that these checks are continued on a periodic basis
“Hands down, people are a company’s most valuable asset. But, as the definition of the ‘workforce’ expands with the rise of the gig economy and use of third party vendors, workforce risk and insider threats are equally becoming a global issue,” said Raj Ananthanpillai, Chief Executive Officer of Endera. “This survey sheds light on the fact that enterprises are struggling to reduce the number of workforce related incidents, which have major ramifications on workforce retention, brand reputation, and a company’s finances.”
A large majority of survey respondents reported that contractors and freelancers are most likely to be the cause of workforce related security incidents and 64% reported that supply chain and third party vendors were the culprit. The report also went on to find that 73% of those individuals have face-to-face interaction with customers, meaning that not only is this potentially a workforce issue, but it can also have a detrimental impact on the customers who rely on the extension of the enterprise to provide services such as child care, transportation, data management, healthcare and more.
Cyber Threats and Risks Cause More Concern than Workplace Safety
Security Executives are focused on protecting their company and the entire workforce ranging from their permanent employees to the contractors, freelancers and supply chains that service their business. A company's supply chain and gig economy workers are all part of this larger modern workforce that can present a myriad of risks to a company.
To this end, the report also explores the types of risk that enterprises are most concerned about with most respondents (86%) placing device theft or loss among their top three risks, along with fraud (80%) and cybersecurity threats (74%). However, these types of insider risks could be mitigated if the potential for these incidents were flagged ahead of time.
Limitations & Challenges with Current Background Checks
The report also highlights the current limitations of one-time or periodic background checks that are frequently the primary source of workforce risk insights for many enterprises. Nearly half of security executives say that the information in background checks aren’t detailed (48%) enough or aren’t updated on a regular basis (46%) to get ahead of workforce risk. Another eight in ten respondents (84%) report that they could improve the way they use background check results to mitigate the ongoing risk within their organization.
“In this new modern economy the legacy approach of doing pre-hire background checks, which is typically a one and done process, is outdated and needs to transition to a continuous evaluation in order to truly identify risk before it’s too late,” added Ananthanpillia. “By having access to the right tools and data to proactively head off problems and retain talent these executives would be better equipped to keep their company, customers and employees safe.”
To that end, 88% of security executives agree that continuously evaluating workforce risk will help their company better understand and prepare for risks. At the moment, none of the respondents noted that they conduct post-hire background checks on a continuous basis and only 11% reported that they update them on a monthly basis. Majority of respondents are updating them even less frequently than that.