In a study conducted by Insight Express and Cisco Systems, it was found that almost 20% of users admitted to altering the security settings on company-issued devices so they could access unauthorized websites;
– 24% of these respondents further admitted to sharing sensitive company information with others, and
– 44% admitted to allowing others to use their company-issued devices without supervision.
In yet another new Dark Reading report titled ‘Well Intentioned Employees – And How To Stop Them’ it was revealed that employees can cause breaches (aside from losing laptops) in many different ways, some without realizing it, e.g., insider breaches attributed to common user errors such as falling prey to phishing scams.
The Ponemon Institute, in their recent study, reported that:
– negligence accounts for 88% of insider breaches, and malicious attacks account for only 12%…
Palo Alto Networks (a firewall vendor) conducted an analysis (of insider threats/risks) to find that the source of several recent high-profile (company sensitive data/information) breaches was due to:
– the growing intentional (employee) disregard of company security policies which most larger firms are finding is unauthorized peer-to-peer application traffic!
‘Houston, we’ve got a problem’!!
And lastly, a survey conducted by Cyber-Ark Software reported that:
– 60% of U.S. workers have (already) downloaded sensitive corporate data in anticipation of (their) future layoff
Interesting, this is approximately the same percentage that terminated employees take (proprietary, sensitive company )data and information with them when they leave as previously reported by the Ponemon Institute study.