A recent survey from security and fraud analytics provider Gurucul shows that some employees would take company info to get a better job with another company.
by Lance Whitney | TechRepublic | www.techrepublic.com
Insider threats are a concern for any company – small, medium, and large. Though the hope is that one’s employees will be loyal, honest, and trustworthy, human nature being what it is, we know that’s not always going to be the case. Employees sometimes have their own agendas that may not be in the company’s best interest and so can be tempted by financial and career ambitions. A Tuesday report based on a survey of IT security professionals conducted by Gurucul revealed a few items that should raise a red flag for business owners and upper management.
Polling 476 IT security professionals around the world at the 2019 Blackhat USA Conference in early August, Gurucul found that 24% of respondents admitted that they would take company information to help them apply for a more senior role at a competitor. Further, 27% of those who said they look for another job while at work would also take company data to apply for another job. Some actions cited in the report include emailing large amounts of company data to personal email accounts and downloading information on a flash drive to transfer to a personal computer.
Employees also acknowledged that they spend a certain amount of time at work not doing any actual work, at least not for their employer. Among the respondents, 28% said they spend more than two hours surfing the Web at work for non-work related activities, 16% spend 1-2 hours, 24% spend between 30 and 60 minutes, and 32% less than 30 minutes. Gurucul also discovered that the larger the company, the easier it was for employees to hop onto the Web at work. Some 30% of people from businesses with more than 10,000 workers said they surf the Web for non-work activities two or more hours per day, compared with 25% from those in organizations with fewer than 2,500 employees.
And just what are these people doing on the web when they’re not working? Social media is the favorite activity among 32 percent of respondents, with shopping the top activity among 24%, exploring vacations among 19%, and watching sports among 13%. Some 12% also admitted to surfing the Web to search for a new job.
Asked the primary reason why employees commit fraudulent acts, such as taking company information, 54% of those surveyed cited money as the top reason. Other respondents pointed to such motivators as gaining a competitive advantage, damaging the reputation of their company, revenge, and the sheer challenge of it.
Committing outright insider fraud can be especially damaging to a company’s finances and reputation. Asked which department is the greatest target for fraud, 32% of respondents cited the finance division. C-level executives were next on the list as they hold high-level insider knowledge that leaves them open to fraud and cyberattack.
Beyond employees, third parties can also engage in risky or fraudulent behavior that can harm a business. Suppliers, external developers, service contractors, and other third parties often possess access to critical systems through which they can log in and retrieve data. As a result of recent third-party data breaches, 76% of the respondents said they’ve tightened access to third party systems. Analyzing the third parties that cause the most worry, 34% of those surveyed pointed to managed service providers (MSPs), with 30% citing developers and 20% citing systems integrators.
“What these findings show is that insider fraud is a top concern among IT security professionals, as are the security risks associated with third parties that have privileged access to corporate resources,” said Gurucul Chief Operating Officer Craig Cooper in a press release. “Since detecting insider threats by employees and trusted third parties is the ultimate game of cat and mouse, many leading edge security organizations are using machine learning to compare the behavior of all users against established baselines of ‘normal’ activity. This allows them to identify anomalous events and spot outliers so they can remediate threats early on.”