BusinessCyber Security

Staff Missteps Equally Damaging As Hacking in APAC, Reveals Kaspersky’s Global Study

(source: Kaspersky)

According to a study by Kaspersky, insider breaches are as risky as external attacks.

Human error is commonly believed to be a primary reason for cyber incidents in the business world. However, the reality is more complex and cannot be reduced to a simple explanation.

Kaspersky conducted a study to determine the viewpoints of IT security professionals who work for SMEs and Enterprises globally about the role of people in a company’s cybersecurity. It revealed that one of the primary issues facing companies in the Asia-Pacific region (APAC) is employees’ violation of information security policies.

Intentional violations of cybersecurity rules were committed by both IT and non-IT employees in the past two years. Senior IT security officers were responsible for 16% of the cyber incidents during this period, 4% higher than the global average. Other IT professionals caused 15% of the incidents, while non-IT colleagues were responsible for 12% due to non-compliance with security protocols.

When it comes to individual employee behavior, the most common issue is that employees intentionally engage in prohibited activities while failing to perform what is expected. The survey revealed that 35% of cyber incidents within the last two years were caused by weak passwords or not changing them promptly. This is 10% higher than the global average of 25%.

Almost one-third (32%) of cybersecurity breaches in APAC were caused by staff visiting unsecured websites. In comparison, another 25% were due to employees failing to update system software or applications when required.

Results of Kaspersky study for Asia Pacific.

Unauthorized use of services or devices contributes significantly to deliberate information security policy violations. According to a study, 31% of companies suffered cyber incidents due to unauthorized data-sharing systems, while 25% of employees accessed data through unauthorized devices. Additionally, 26% of staff sent data to personal emails, and 15% of respondents experienced cyber incidents due to shadow IT deployment on work devices.

It is concerning to note that survey participants from the Asia-Pacific region have confessed that 26% of the malicious acts were carried out by employees for personal benefit. In addition, violations of information security policies by employees with malicious intent were quite prevalent in the financial services industry, with 18% of respondents reporting such incidents.

“As the numbers are alarming, it is necessary to create a cybersecurity culture in an organization from the get-go by developing and enforcing security policies, as well as raising cybersecurity awareness among employees. Thus, the staff will approach the rules more responsibly and clearly understand the possible consequences of their violations,” shared Alexey Vovk, Head of Information Security at Kaspersky.

To ensure protection of your company’s infrastructure against security breaches caused by employee policy violations, Kaspersky recommends:

The full report is available to read here.

Written by
Tech Beat Philippines

Tech Beat Philippines is the social media news platform for all things technology. It is also a part of the GEARS section on Daddy's Day Out.

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Daddy’s Day Out is a platform that celebrates modern masculinity and offers a space where men can unite, learn, and grow together. It fosters a community where authenticity, support, and self-expression thrive unapologetically.

Related Articles

Infinix Hit USD100 Million Milestone in Shopee’s Brand Partners Club

This year, Infinix achieved a significant milestone by surpassing a total sales...

Acronis Releases Cyber Protect 16: Redefining the Benchmark for Cybersecurity and Data Protection

Leading cyber protection provider Acronis announced the release of Cyber Protect 16....

1-in-2 Cybersecurity Professionals Say Formal Education Useless in Current Job ― Kaspersky

Kaspersky’s recent global research has found that acting information security (InfoSec) experts...

1 in 3 Filipinos Face Threats from USBs, Removable Devices, Reports Kaspersky 

Kaspersky advises Filipinos to scan USBs for local threats after 36.80% were...