Employees hide security incidents in 48% of local firms
Employees of South African companies hide IT security incidents in around 48% of organisations.
This is according to a new report from Kaspersky Lab and B2B International titled: "Human Factor in IT Security: How Employees are Making Businesses Vulnerable from Within". The report found employees hide IT security incidents in 40% of businesses around the world, with uninformed or careless staff members being one of the most likely causes of a cyber security incident - second only to malware.
"Cyber criminals often use employees as an entry point to get inside the corporate infrastructure. Phishing e-mails, weak passwords, fake calls from tech support - we've seen it all. Even an ordinary flash card dropped in the office parking lot or near the secretary's desk could compromise the entire network - all you need is someone inside, who doesn't know about, or pay attention to security, and that device could easily be connected to the network where it could reap havoc," says David Jacoby, security researcher at Kaspersky Lab.
The research further found, every third (28%) targeted attack on businesses in the last year had phishing/social engineering at its source. With 46% of global IT security incidents caused by employees each year, Kaspersky Lab advises that business vulnerability must be addressed on many levels, not just through the IT security department.
"The problem of hiding incidents should be communicated not only to employees, but also to top management and human resources departments. If employees are hiding incidents, there must be a reason why. If your cyber security culture is positive, based on an educational approach instead of a restrictive one, from the top down, the results will be obvious," notes Slava Borilin, security education programme manager at Kaspersky Lab.
The IBM 2016 Cyber Security Intelligence Index found that 60% of all attacks were carried out by insiders. Of these attacks, three-quarters involved malicious intent, and one-quarter involved inadvertent actors.
According to Forrester's Understand The State Of Data Security And Privacy: 2015 To 2016 report, in the past 12 months, the top three most common breaches were: internal incident within an organisation (39%), external attack targeting an organisation (27%), and external attack targeting a business partner/third-party supplier (22%). Also personally identifiable information was one of the top two data types compromised most in a breach, revealed the research.
Understanding common insider threat profiles remains an essential step in helping organisations eliminate damage before it happens, says Virginia Satrom, social media manager at Forcepoint.
"Organisations should put all users through detailed training which educates them on best practices and how to recognise an adversary's stealth techniques. At the same time, teach them how to spot possible malicious insiders through the classic 'trouble signs' they project. On the tech side, organisations can complement their firewall and anti-virus tools with insider threat-centric ones related to authentication/access control, data loss prevention and user behaviour analysis," she advises.