According to a study by Kaspersky, insider breaches are as risky as external attacks.
Human error is commonly believed to be a primary reason for cyber incidents in the business world. However, the reality is more complex and cannot be reduced to a simple explanation.
Kaspersky conducted a study to determine the viewpoints of IT security professionals who work for SMEs and Enterprises globally about the role of people in a company’s cybersecurity. It revealed that one of the primary issues facing companies in the Asia-Pacific region (APAC) is employees’ violation of information security policies.
Intentional violations of cybersecurity rules were committed by both IT and non-IT employees in the past two years. Senior IT security officers were responsible for 16% of the cyber incidents during this period, 4% higher than the global average. Other IT professionals caused 15% of the incidents, while non-IT colleagues were responsible for 12% due to non-compliance with security protocols.
When it comes to individual employee behavior, the most common issue is that employees intentionally engage in prohibited activities while failing to perform what is expected. The survey revealed that 35% of cyber incidents within the last two years were caused by weak passwords or not changing them promptly. This is 10% higher than the global average of 25%.
Almost one-third (32%) of cybersecurity breaches in APAC were caused by staff visiting unsecured websites. In comparison, another 25% were due to employees failing to update system software or applications when required.
Unauthorized use of services or devices contributes significantly to deliberate information security policy violations. According to a study, 31% of companies suffered cyber incidents due to unauthorized data-sharing systems, while 25% of employees accessed data through unauthorized devices. Additionally, 26% of staff sent data to personal emails, and 15% of respondents experienced cyber incidents due to shadow IT deployment on work devices.
It is concerning to note that survey participants from the Asia-Pacific region have confessed that 26% of the malicious acts were carried out by employees for personal benefit. In addition, violations of information security policies by employees with malicious intent were quite prevalent in the financial services industry, with 18% of respondents reporting such incidents.
“As the numbers are alarming, it is necessary to create a cybersecurity culture in an organization from the get-go by developing and enforcing security policies, as well as raising cybersecurity awareness among employees. Thus, the staff will approach the rules more responsibly and clearly understand the possible consequences of their violations,” shared Alexey Vovk, Head of Information Security at Kaspersky.
To ensure protection of your company’s infrastructure against security breaches caused by employee policy violations, Kaspersky recommends:
- Use cybersecurity products with Application, Web, and Device control features, such as Kaspersky Endpoint Security for Business and Kaspersky Endpoint Security Cloud. This functionality can limit the use of unsolicited apps, websites, and peripherals, reducing infection risks.
- The Advanced Anomaly Control feature within Kaspersky Endpoint Security for Business Advanced, Kaspersky Total Security for Business, and Kaspersky Endpoint Detection and Response Optimum helps prevent potentially dangerous activities that are ‘out of the norm,’ both undertaken by the user and initiated by the attacker who has already seized control of the system.
- Control data transfers both ways – in and out of the system, which also brings risks. With Kaspersky Endpoint Security Cloud, Kaspersky Security for Mail Server, and Kaspersky Security for Microsoft Office 365, issues like these can be solved with data discovery and the content filtering function.
- Kaspersky Security for Internet Gateway also possesses content filtering to prevent unsolicited data transmission regardless of its type, platform protection status, or user behavior at the endpoints inside the network.
The full report is available to read here.