Employees Are Now More Dangerous to Their Company Than External Hackers
Arthur T Knackerbracket writes:
The biggest risk often now comes from inside:
For the first time ever, internal threats have become more common that external ones, with hacking remaining pretty steady at 31% of attacks compared with employee misuse, which rose from 29% to 45%.
There's also the fact that hackers themselves are more frequently targeting company insiders, exploiting everyday employee behavior instead of having to rely on more sophisticated, crafted attacks from outside.
"While not inherently malicious, employee misuse can be just as damaging as a sophisticated breach, especially given that attackers are increasingly turning policy workarounds into external entry points," Senior Security Researcher Carl Morris explained.
Endpoints remain one of the biggest targets, with workers' devices involved in more than half (53%) of incidents. And while they account for a smaller percentage overall, identity attacks also rose from 10% to 17% in around a year.
Looking ahead, Orange Cyberdefense urges companies to acknowledge that many risks now come from within an organization. Tightening access controls and privileges can shrink the attack surface altogether, while simple multi-factor authentication can also serve to prevent attackers from gaining access.
Read more of this story at SoylentNews.