Insider threats are on the rise, with 68% of organizations noting an increase in the past year. These threats, originating from within an organization, involve employees or authorized users exploiting their access for cyberattacks. However, not all insider actions are deliberate; sometimes, privileged IT users inadvertently compromise security. Negligent employees or contractors account for 62% of such incidents.
The potential fallout from insider attacks is significant. Business leaders recognize the need to secure sensitive assets, as both revenue and reputation are at risk. Prioritizing identity security is crucial for protecting critical data. Controlling privileged access to sensitive information is essential to prevent internal data leaks.
In today’s volatile economy, where financial motives can drive malicious insiders, the risk of data breaches is heightened. Organizations must be prepared to navigate economic uncertainty and combat the surge in insider threats fueled by current workforce trends.
Workforce reductions pose identity security risks.
When employees are laid off or resign, there’s a risk of them taking sensitive information. According to the 2023 CyberArk Identity Security Threat Landscape Report, 58% of security professionals globally reported departing employees saving sensitive documents outside policy. Concerns about layoffs could lead to an increase in insider threats during organizational turmoil.
A notable example is a major drinks manufacturer where an engineer stole trade secret documents worth $120 million upon learning of her impending layoff. Despite her conviction, this case highlights the challenge of protecting sensitive information during workforce changes. Sixty-eight percent of security decision-makers anticipate new identity security concerns due to layoffs and workforce churn.
Building trust with third-party vendors poses challenges.
While employees have insider access, contractors can also pose insider threats. If privileged access isn’t revoked promptly after a third-party relationship ends, vendors may still access and share sensitive information. Even with an amicable parting, there’s a risk of asset exploitation.
External actors may exploit third-party vendors to access critical information. For instance, attackers used a third-party application to breach Marriott Hotels’ guest data. By exploiting employee credentials, attackers leaked the personal records of 5.2 million guests. The CyberArk 2023 Identity Security Threat Landscape Report indicates security professionals view third parties as the riskiest human identities.
The connection between increasing “presenteeism” and insider threats
In today’s uncertain economy, marked by layoffs and recession fears, many employees fear losing their income. Despite last year’s talk of the Great Resignation, resignations have slowed, with dissatisfied employees staying put, leading to the rise of “resenteeism” – discontented workers openly expressing grievances.
This trend harms workplace culture and productivity and can fuel insider threats. For instance, an undervalued employee denied promotion may feel resentment, driving them to steal or leak sensitive data as retaliation. Some openly flaunt their ability to exploit authorized access, posing security risks. Sixty-three percent of businesses fail to adequately secure employees’ highest sensitivity access, offering ample opportunities for malicious actors to steal data.
Financial Struggles Drive Data Leaks
Rising inflation and living costs in the UK are straining finances, potentially leading to more financially motivated insider threats. Research reveals that privilege misuse, where employees exploit authorized access, is the leading cause of intentional internal data breaches, often involving fraudulent transactions. Fifty-nine percent of breaches aim for financial gain.
For instance, a financial controller with privileged system access might divert funds into their account. This practice not only diverts significant resources from the organization but also complicates tracking efforts.
Rising Employee Stress Raises Security Concerns
Workforce reductions and turnover strain remaining employees, leading to increased stress levels and more errors. Overworked and stressed employees are vulnerable to phishing and social engineering attacks. Burnout affects 59% of UK senior cybersecurity professionals, reducing vigilance against risks.
Stressed employees are easier targets for phishing attacks, potentially granting access to sensitive data. With half of the workforce identities accessing such data, they become prime targets for attackers seeking entry to company assets.
Eliminating Trust from Identity Security Strategy
In today’s tough economic climate and evolving threats, insider risks are significant. Given these rising security challenges, organizations must prioritize a Zero Trust and least privilege approach. This strategy offers complete visibility and control over access to sensitive data, enabling quick detection of misuse and swift prevention of leaks. By removing trust, companies can enhance cyber resilience, establish a robust identity security strategy, and safeguard critical assets.