Insiders Now Responsible For Majority Of Cyber Threats

Cybersecurity threats related to insider actions are now more common than threats from external actors, according to a report by cybersecurity vendor Netwrix.

Since organizations switched to remote work as a result of the COVID-19 pandemic, four of the top six types of cybersecurity incidents they experienced were caused by internal users, the report found.

Those four were accidental mistakes by admins (reported by 27% of respondents), accidental improper sharing of data by employees (26%), misconfiguration of cloud services (16%) and data theft by employees (14%).

“Based on the findings, it is not surprising that 79% of CIOs worry that users are now more likely to ignore IT policies and thus pose a greater threat to security,” Netwrix said. “Moreover, incidents related to inside actors were among the hardest to detect.”

For example, the study found that “a significant portion” of respondents took weeks or months to detect data theft by employees (26%), improper employee data sharing (18%) and admin mistakes (12%).