One in Four Workers Would Steal Company Information

Nearly five hundred IT employees said they would take company information to help apply for a position at a competitor, according to a workplace behaviour audit carried out by the security experts at Gurcul
 
The study also found that thirty-four percent of managed service providers and thirty percent of developers are a main source of third party risk. Also if someone was to commit fraud thirty-two percent said it would most likely occur in the finance department.
 
“What these findings show is that insider fraud is a top concern among IT security professionals, as are the security risks associated with third parties that have privileged access to corporate resources,” said Craig Cooper, COO from Gurucul who did the research. 
 
“Since detecting insider threats by employees and trusted third parties is the ultimate game of cat and mouse, many leading edge security organisations are using machine learning to compare the behavior of all users against established baselines of ‘normal’ activity. This allows them to identify anomalous events and spot outliers so they can remediate threats early on.”
 
Key Findings
At the 2019 Blackhat USA Conference, Gurucul conducted a workplace behavior survey to better understand the risky behaviors that pose a security risk to organisations. 476 IT security professionals from around the world completed the questionnaire, of which, more than half work in organisations with at least 2,500 employees. 
 
Some of the reports highlights include:
• Nearly one in four people (24%) would take company information to help apply for a role at a competitor
• Nearly one third (32%) of IT security pros think that finance is the department most at risk for fraud
• Almost three fourths (74%) of respondents tightened up third-party access because of third-party breaches
• The third parties that most concern respondents are MSPs, followed by developers
• 44% of respondents spend at least one hour a day on non-work related web sites (including 32% of those in retail)
• The larger the organisation, the more likely it is that workers will surf the web for fun while at work
• Browsing social media sites is the most popular non-work related online activity
 
Gurucul:              Go1 Survey
 
You Might Also Read:
 
Its Your People Who Contribute To Data Theft:
 
 
« Webinar: JumpStart Guide to Application Security in AWS
US Cyber Attack Disabled Iran’s Ability To Target Shipping »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Adeptis Group

Adeptis Group

Adeptis are experts in cyber security recruitment, providing bespoke staffing solutions to safeguard your organisation against ever-changing cyber threats.

Armadillo Sec

Armadillo Sec

Armadillo provide penetration testing and vulnerability assessment services.

Digital Law

Digital Law

Digital Law is the only UK law firm to specialise solely in online, data and cyber law.

OnDefend

OnDefend

OnDefend delivers information security solutions that improve overall security posture, reduce risks and defend against continually evolving and persistent cyber adversaries.

TrueFort

TrueFort

TrueFort take an application-first approach that offers comprehensive protection for real-time visibility and analysis, protection and better communication across business, IT, and security teams.

Guardio

Guardio

Guardio develop tools and products to combat modern web and browser threats.

Route1

Route1

Route1 is an advanced provider of secure data intelligence solutions to drive your business forward.

VectorRock

VectorRock

Save Your Business From Cyber Criminals. We specialize in uncovering cyber risks which threaten your organization and fixing them.

Plante Moran

Plante Moran

Plante Moran is a leading audit, tax, consulting, and wealth management firm. Areas of consulting expertise include cybersecurity.

Radiance Technologies

Radiance Technologies

Radiance solutions provide technological advantage and operational superiority for our nation in the areas of intelligence, cyber and advanced weapon systems.

CDS

CDS

CDS is a strategic change agency enabling organisations and businesses to create and build better services to meet the evolving needs of customers, employees and citizens.

Kaesim Cybersecurity

Kaesim Cybersecurity

Kaesim are a global team of cybersecurity experts protecting businesses since 2015. We stop bad people damaging your business, your data and your reputation.

CLEAR

CLEAR

With more than 17 million members and a growing network of partners across the world, CLEAR's identity platform is transforming the way people live, work, and travel.

GlassHouse Technology

GlassHouse Technology

GlassHouse supports customers in their digitalization journey with our deep technical expertise in Managed Cloud and Security Services, SAP Infrastructure Service and Business Continuity Services.

Bedrock Security

Bedrock Security

Bedrock Security is at the forefront of revolutionizing data security in the cloud and GenAI era.

MIND

MIND

MIND is the first-ever data security platform that puts data loss prevention and insider risk management programs on autopilot, so you can automatically identify, detect and prevent data leaks.