One in Four Workers Would Steal Company Information

Nearly five hundred IT employees said they would take company information to help apply for a position at a competitor, according to a workplace behaviour audit carried out by the security experts at Gurcul
 
The study also found that thirty-four percent of managed service providers and thirty percent of developers are a main source of third party risk. Also if someone was to commit fraud thirty-two percent said it would most likely occur in the finance department.
 
“What these findings show is that insider fraud is a top concern among IT security professionals, as are the security risks associated with third parties that have privileged access to corporate resources,” said Craig Cooper, COO from Gurucul who did the research. 
 
“Since detecting insider threats by employees and trusted third parties is the ultimate game of cat and mouse, many leading edge security organisations are using machine learning to compare the behavior of all users against established baselines of ‘normal’ activity. This allows them to identify anomalous events and spot outliers so they can remediate threats early on.”
 
Key Findings
At the 2019 Blackhat USA Conference, Gurucul conducted a workplace behavior survey to better understand the risky behaviors that pose a security risk to organisations. 476 IT security professionals from around the world completed the questionnaire, of which, more than half work in organisations with at least 2,500 employees. 
 
Some of the reports highlights include:
• Nearly one in four people (24%) would take company information to help apply for a role at a competitor
• Nearly one third (32%) of IT security pros think that finance is the department most at risk for fraud
• Almost three fourths (74%) of respondents tightened up third-party access because of third-party breaches
• The third parties that most concern respondents are MSPs, followed by developers
• 44% of respondents spend at least one hour a day on non-work related web sites (including 32% of those in retail)
• The larger the organisation, the more likely it is that workers will surf the web for fun while at work
• Browsing social media sites is the most popular non-work related online activity
 
Gurucul:              Go1 Survey
 
You Might Also Read:
 
Its Your People Who Contribute To Data Theft:
 
 
« Webinar: JumpStart Guide to Application Security in AWS
US Cyber Attack Disabled Iran’s Ability To Target Shipping »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Wizard Computing

Wizard Computing

Wizard Computer Services is a full service IT solutions provider that offers managed services, consultation, installation, and support to small and large businesses in New England.

Protegrity

Protegrity

Protegrity is an enterprise and cloud data security software for data-centric encryption and tokenization to protect sensitive data while maintaining usability.

ZeroFox

ZeroFox

ZeroFox safeguards modern organizations from dynamic security risks across social, mobile, surface, deep and dark web, email and collaboration platforms.

Oodrive

Oodrive

Oodrive is the first trusted European collaborative suite allowing users to collaborate, communicate and streamline business with transparent tools that ensure security.

Ethoca

Ethoca

Ethoca is a secure network for card issuers and merchants to connect and work cooperatively outside the payment network in a unique and powerful way.

PBOSecure

PBOSecure

PBOSecure is a dynamic and progressive IT consultancy company specializing in IT and Industrial Control System (ICS) security.

Workz Group

Workz Group

Workz connects and protects mobile subscribers of today and tomorrow by providing secure removable or embedded SIMs and remote provisioning solutions for consumer, M2M and IOT devices.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

IP2Location

IP2Location

IP2Location provide services to identify geolocation by IP address, and to detect IP addresses associated with anonymous proxy servers, which are often used for fraud and spamming purposes.

Unit21

Unit21

Unit21 helps protect businesses against adversaries through a simple API and dashboard for detecting and managing money laundering, fraud, and other sophisticated risks across multiple industries.

Electrosoft Services

Electrosoft Services

Electrosoft provide mature, innovative technology-based services and solutions to power critical IT programs and keep our nation safe from cybersecurity attacks.

TatvaSoft

TatvaSoft

TatvaSoft is a custom software development company delivering business IT solutions and related services to customers across the globe.

Green Radar

Green Radar

Green Radar is a next generation cybersecurity company which combines technologies and services together to deliver Threat Detection for Emails and Deep Threat Analytics and Response.

Black Girls In Cyber (BGiC)

Black Girls In Cyber (BGiC)

Black Girls In Cyber's mission is to increase industry awareness and diversity in cybersecurity, privacy, and STEM for women of color.

TIM Enterprise

TIM Enterprise

TIM Enterprise offers innovative, sustainable and secure 360-degree digital solutions to companies and public administrations.

Synagex

Synagex

Synagex Modern IT is a simple IT and cybersecurity solution for businesses.