- Insider threats now account for more than half of cases, at 57%.
- Employee devices and IDs are among the most targeted
- Businesses should recognize this and tighten access for a quick fix
New data from Orange Cyberdefense suggests that the biggest risks businesses face may now come from within, with insider threats increasing from 47% to 57% in less than a year.
For the first time, insider threats became more common than external threats, with hacking remaining relatively stable at 31% of attacks, compared to employee misuse, which increased from 29% to 45%.
However, while it is employees who might be causing higher risk internally, businesses could do more to protect themselves, well beyond the simple sense of cybersecurity.
Article continues below
Internal risks are now the biggest threat organizations face
The report attributes some risks to the rise of shadow IT – a topic we’ve heard a lot about lately, as businesses struggle to properly apply AI within their organizations. Frustrated workers often resort to unapproved tools, often transmitting sensitive company information in public applications.
It should also be taken into account that hackers themselves more frequently target company internals, exploiting the daily behavior of employees instead of having to rely on more sophisticated, externally designed attacks.
“While not inherently malicious, employee abuse can be just as damaging as a sophisticated breach, especially as attackers increasingly turn policy solutions into external entry points,” explained Carl Morris, senior security researcher.
Endpoints remain one of the biggest targets, with worker devices involved in more than half (53%) of incidents. And although they represent a smaller percentage overall, identity attacks have also increased, from 10% to 17% in about a year.
Looking ahead, Orange Cyberdefense urges businesses to recognize that many risks now come from within an organization. Strengthening access controls and privileges can completely reduce the attack surface, while simple multi-factor authentication can also be used to prevent attackers from gaining access.
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.
