IT Professionals Have Met the Enemy And It Is Them
According to a post on the Cyber Security Intelligence website (https://www.cybersecurityintellignce.com) security experts at Gurcul conducted a survey on risky workplace behavior at the 2019 Blackhat USA Conference. 476 IT security professionals from around the world completed a questionnaire; more than half work for organizations with at least 2,500 employees. The results should be disturbing for those who think outsiders are the main or only threat to cybersecurity.
- 24% would take (steal) company information to help apply for a job with a competitor.
- 32% think fraud is most likely to occur in the finance department.
- The main sources of third party risk are manged service providers (34%) and developers (30%). 74% of respondents tightened third party access because of breaches.
- 44% of respondents spend at least one hour a day on non work-related websites. This is more likely in larger organizations. Browsing social media is the most popular online activity. (Besides lost productivity, this behavior increase the risk of introducing malware or viruses into the organization’s computer network.)
This survey shows that computer fraud and security risks from insiders including trusted third parties are as much a threat as malicious outsiders. Leading security organizations are using machine learning to compare user behavior against baselines of normal activity. Truly, no one can be above suspicion.