By Ian Barker | Betanews | betanews.com
Would you take information from your employer to help you get a job at a competitor? 24 percent would according to a new survey of almost 500 IT professionals carried out at Blackhat USA 2019.
The survey by behavior-based security specialist Gurucul finds that managed service providers (34 percent) and developers (30 percent) pose the leading sources of third party risk, and that if someone was to commit fraud it would most likely occur in the finance department (32 percent).
“What these findings show is that insider fraud is a top concern among IT security professionals, as are the security risks associated with third parties that have privileged access to corporate resources,” says Craig Cooper, COO of Gurucul. “Since detecting insider threats by employees and trusted third parties is the ultimate game of cat and mouse, many leading edge security organizations are using machine learning to compare the behavior of all users against established baselines of ‘normal’ activity. This allows them to identify anomalous events and spot outliers so they can remediate threats early on.”
Among other findings, almost three-quarters (74 percent) say they have tightened up third-party access as a result of breaches. Non-work use of the internet continues to be a problem too. 44 percent of respondents spend at least one hour a day on non-work related web sites (including 32 percent of those in retail) and 28 percent spend more than two hours. The larger the organization, the more likely it is that workers will surf the web for fun while at work.
Browsing social media sites is the most popular non-work related online activity with 32 percent admitting to it. Shopping online claims 28 percent and exploring holiday destinations 19 percent. 12 percent admit to looking for a new job on their employer’s time.
The full report is available from the Gurucul website.