A new report from DTEX Systems shows this year’s shift to a largely remote workforce by the Global 5000 has significantly changed behaviors of trusted insiders. Key findings include a 450% increase in employees circumventing security controls to intentionally mask online activities and 230% increase in behaviors that indicate intent to steal data.

The DTEX Counter-Insider Threat Research Team interviewed hundreds of customers and Global 5000 organizations representing a diverse sample set of businesses that varied by size, industry and geography. 

“Our findings indicate that in 2020, the equilibrium of employee security and trust has been broadly disrupted and is currently in chaos,” said Mohan Koo, Co-Founder and Chief Technical Officer at DTEX Systems. “Trusted insiders once thought to be reliable and responsible are changing their behaviors and increasing the risk of data loss, external attack and regulatory compliance violations for their employers.”

Key Report Findings:

• 56% of companies reported remote workers actively bypassed security controls to intentionally obfuscate online activity. This is more than 4.5 times higher than 2019 which represents a 450% increase in the first eight months of 2020.
• More than 70% of the escalated incidents visible to the security and HR teams included at least one attempt to circumvent a second security control to exfiltrate data without detection.
• Companies reported remote workers most commonly attempted to intentionally bypass the corporate VPN to mask their online activities.
• 72% of companies surveyed saw data theft attempts by a departing employee wanting to take protected IP with them or a new employee looking to inject IP from a previous employer. This represents an increase of 2.3 times, or 230%, over similar behaviors seen in 2019
• Over 40% of incidents proactively detected flight risk behavior as well as abnormal reconnaissance or data aggregation activities. 

The growth in premeditated data theft attempts and intentional activity masking behaviors by employees strongly suggests that companies are facing a heightened risk of data loss as virtual employment models become the norm, furloughs are extended and reduction-in-force actions continue.