One in Four Workers Would Steal Company Information

Uploaded on 2019-08-30 in TECHNOLOGY--Resilience, FREE TO VIEW

Nearly five hundred IT employees said they would take company information to help apply for a position at a competitor, according to a workplace behaviour audit carried out by the security experts at Gurcul
 
The study also found that thirty-four percent of managed service providers and thirty percent of developers are a main source of third party risk. Also if someone was to commit fraud thirty-two percent said it would most likely occur in the finance department.
 
“What these findings show is that insider fraud is a top concern among IT security professionals, as are the security risks associated with third parties that have privileged access to corporate resources,” said Craig Cooper, COO from Gurucul who did the research. 
 
“Since detecting insider threats by employees and trusted third parties is the ultimate game of cat and mouse, many leading edge security organisations are using machine learning to compare the behavior of all users against established baselines of ‘normal’ activity. This allows them to identify anomalous events and spot outliers so they can remediate threats early on.”
 
Key Findings
At the 2019 Blackhat USA Conference, Gurucul conducted a workplace behavior survey to better understand the risky behaviors that pose a security risk to organisations. 476 IT security professionals from around the world completed the questionnaire, of which, more than half work in organisations with at least 2,500 employees. 
 
Some of the reports highlights include:
• Nearly one in four people (24%) would take company information to help apply for a role at a competitor
• Nearly one third (32%) of IT security pros think that finance is the department most at risk for fraud
• Almost three fourths (74%) of respondents tightened up third-party access because of third-party breaches
• The third parties that most concern respondents are MSPs, followed by developers
• 44% of respondents spend at least one hour a day on non-work related web sites (including 32% of those in retail)
• The larger the organisation, the more likely it is that workers will surf the web for fun while at work
• Browsing social media sites is the most popular non-work related online activity
 
Gurucul:              Go1 Survey
 
You Might Also Read:
 
Its Your People Who Contribute To Data Theft:
 
 
« Webinar: JumpStart Guide to Application Security in AWS
US Cyber Attack Disabled Iran’s Ability To Target Shipping »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Maryville Online - Cybersecurity Program

Maryville Online - Cybersecurity Program

The Cybersecurity Program at Maryville Online is designed to help students reach opportunities in cybersecurity leadership and management through an entirely online curriculum.

MailGuard

MailGuard

MailGuard delivers a full suite of security solutions across email and web to protect your business before threats reach your environment.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

WetStone Technologies

WetStone Technologies

WetStone develops software solutions that support investigators and analysts engaged in eCrime Investigation, eForensics and incident response activities.

Securicon

Securicon

Securicon provides expert consulting for application, system and network security.

Nuspire

Nuspire

Nuspire provide services to protect your network with best-in-class managed detection and response, allowing you to stay focused on managing your business.

Monster Jobs

Monster Jobs

Monster is a global leader in connecting people to jobs, wherever they are. Monster covers all job sectors including cybersecurity in locations around the world.

WisePlant

WisePlant

WisePlant's portfolio of solutions and services includes process measurement, secure automation, industrial cybersecurity, functional safety and more.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

Let's Encrypt

Let's Encrypt

Let’s Encrypt is a free, automated, and open digital certificate authority, run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

Telefonica Global Solutions (TGS)

Telefonica Global Solutions (TGS)

Telefonica Global Solutions is the technological partner of wholesalers and enterprises, helping them to achieve the digitalization they need.

Orca Technology

Orca Technology

Orca is a UK-based Managed Service Provider delivering end-to-end managed IT services, support, hosted desktop, cloud solutions and strategic guidance.

Insane Cyber

Insane Cyber

Insane Cyber make cybersecurity easier to manage through automated, easy-to-use software and expert support and partnership.

Linx Security

Linx Security

The Linx Identity Security platform enables identity, security, and IT ops teams to finally control the whole identity lifecycle.

Sage IT

Sage IT

Sage IT offer a wide range of professional and consulting services to help organizations overcome the challenges of today's ever-changing business environment.

CeTu

CeTu

CeTu - Data Orchestration for the Modern SOC. Strengthen security and optimize costs with the world's first AI-native platform for scaling and future-proofing your data stack.