Cyber risks related to insider threats bigger than external threat actors

New survey reveals insider threats more of a risk than external threat actors amid COVID-19 and race to work remotely

Findings from the 2020 Netwrix Cyber Threats Report reveal cybersecurity risks related to insiders are now more common than external threat actors. Since organizations went remote, four of the top six types of cybersecurity incidents they experienced were caused by internal users:

Accidental mistakes by admins (suffered by 27% of respondents)
Accidental improper sharing of data by employees (26%)
Misconfiguration of cloud services (16%)
Data theft by employees (14%)

In addition, 79% of security leaders worry that users are now more likely to ignore IT policies and thus pose a greater threat to security. Moreover, incidents related to inside actors were among the hardest for organizations to detect. For example, a significant portion of respondents needed weeks or months to detect data theft by employees (26%), improper employee data sharing (18%) and admin mistakes (12%).

Other survey findings include:

Incidents caused by admin mistakes were more common for large enterprises (1,001+ employees) than for mid-sized and small organizations. 33% of large enterprises reported suffering at least one incident caused by a negligent admin since WFH began.
70% of financial organizations are concerned about insider data theft during the current remote work phase. Pre-pandemic, only 30% were focused on this risk.
41% of educational institutions reported improper sharing of sensitive records by employees, which is the highest result among all verticals analyzed.

For more, click here.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.