Insider Security Risk Soars During Lockdown

Uploaded on 2020-12-15 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

The number of corporate insider threats are now seen as far more critical to cyber security than before the Coronavirus made remote working the new normal, according to a new Report from the information security & governance experts at Netwrix.  
 
They  polled 937 IT professionals about how the COVID-19 crisis has changed the risk landscape and it has now published its 2020 Cyber Threats Report
 
The Report finds that 39% of respondents said they improved their cyber security during the virus, but nearly 25% thought there was now far higher cyber risks than before the lockdown. 
 
Around a quarter admitted they feel more vulnerable to threats now than before the pandemic, with 85% of CISOs admitting they sacrificed cybersecurity to rapidly support remote working. As a result, 60% of respondents are concerned they may have left some security gaps in the process. 
 
In many cases, it is concerns about user behavior that dominate: 58% believe that employees might ignore security rules and put data at risk. The main insider risks highlighted by respondents as a critical threat to the organisation are:
 
  • Accidental improper sharing of data (68%)
  • Misconfiguration of cloud services (66%)
  • Accidental mistakes by IT administrators (62%)
  • Data theft by employees (66%).
 
Accidental IT admin mistakes and improper sharing of data were the most common incident experienced by organisations, after phishing. They were also among the hardest to detect; both took days rather than hours or minutes to spot in over a third of cases. 
 
Large enterprises were more likely to experience IT administrator mistakes: 33% reported suffering at least one incident since working from home began.
 
To help you protect your organisation and remote workers from cyber attack, Netwrix offers the following advice:
  • Provide regular user training on how to identify suspicious links and attachments and how to report them.
  • Enable continuous IT auditing with alerts on signs of ransomware in progress, such as unusual spikes of activity across file repositories.
  • Harden data access governance by revoking excessive access rights.
  • Establish and rigorously enforce a least-privilege model.
  • Use privileged access management (PAM) solutions to restrict admin activity.
  • Automate change auditing across key IT systems to detect issues as they emerge.
  • Conduct periodic reviews to spot any deviations in system configuration from a healthy baseline.
 
Netwrix:      TechRepublic:      Infosecurity Magazine:       Dark Reading
 
You Might Also Read:
 
Remote Working: Five Best Ways To Prevent A Data Breach:
 
 
« The Personal Data Being Used To Get Your Vote
E-Businesses That Don’t Require Employees »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DataCore Software

DataCore Software

DataCore Software is a leader in Software-Defined Storage. Solutions offered include back up and disaster recovery.

AdNovum Informatik

AdNovum Informatik

AdNovum Informatik provides a full set of IT services, ranging from consulting, the conception and implementation of customized business and security solutions to maintenance and support.

Soracom

Soracom

Soracom offers secure, scalable, cloud-native connectivity developed specifically for the Internet of Things.

Future of Cyber Security Europe

Future of Cyber Security Europe

Future of Cyber Security Europe is a European wide event examining the latest cyber security strategies and technologies.

HCC Embedded

HCC Embedded

HCC’s mission is to ensure that data stored or communicated by an embedded IoT application is secure, safe and reliable.

ICS-CSR

ICS-CSR

ICS-CSR is a research conference bringing together researchers with an interest in the security of industrial control systems.

BrandProtections.Online

BrandProtections.Online

BrandProtections.online offer end-to-end customer support solutions to help protect against threats which may affect your brand online.

SIRP Labs

SIRP Labs

SIRP is a Risk-based Security Orchestration, Automation and Response (SOAR) platform that fuses essential cybersecurity information to enable a unified cyber response.

SafeCipher

SafeCipher

SafeCypher are crypto specialists with a very specialized knowledge of Public Key Infrastructure (PKI), Hardware Security Modules (HSM), Quantum Resistant Cryptography and Crypto-Agility.

CybrHawk

CybrHawk

CybrHawk is a leading provider of information security-driven risk intelligence solutions focused solely on protecting clients from cyber-attacks.

Robo Shadow

Robo Shadow

Robo Shadow are trying to bridge the gap between the top tier organisations that can afford everything and everyone else who has to “Make it up as they go along” when it comes to Cyber.

Privacy Compliance Hub

Privacy Compliance Hub

Privacy Compliance Hub provide an easy to use platform with a comprehensive data protection compliance programme including training, information, templates and reporting.

Singtel Innov8

Singtel Innov8

Singtel Innov8, the venture capital arm of the Singtel Group, invests in and partners with innovative technology start-ups globally.

Quzara

Quzara

Quzara provides trusted advisory services and highly adaptive cybersecurity services to federal, commercial and Defense Industrial Base customers to meet their security compliance and cyber needs.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

PatchAdvisor

PatchAdvisor

PatchAdvisor core services include Vulnerability Assessments/Penetration Testing, Application Vulnerability Assessments, and Incident Response.

WillJam Ventures

WillJam Ventures

WillJam Ventures are a private equity firm focused on investing in world-class cybersecurity companies that will become the next generation of leaders in protecting the world’s digital assets.