Insider Security Risks

July 23, 2020

Let’s assume the Twitter security story is true. Insiders were engineered. Right. Insider security risks exist, and they are a potential sink hole. Fancy Dan cyber security systems can do some things well; most fail when it comes to handling the crazy stuff employees do, either intentionally or unintentionally.

43 Percent of Employees Make Mistakes That Have Cybersecurity Implications” reports:

A quarter of employees confess to clicking on links in a phishing email at work, with distraction cited as a top reason for falling for a phishing scam by 47 percent of employees. This is closely followed by the fact that the email ‘looked legitimate’ (43 percent), with 41 percent saying the phishing email looked like it came from a senior executive or a well-known brand.

Other findings:

include 58 percent of employees admitting to sending a work email to the wrong person, with 17 percent of those emails going to the wrong external party. This simple error can lead to serious consequences for both the individual and the company, who must report the incident to regulators as well as their customers. In fact, a fifth of respondents say their company had lost customers as a result of sending a misdirected email, while one in 10 employees (12 percent) lost their jobs.

How valid are these data? Tough to say, but the Twitter slip up flashes a yellow caution light. And errant USB drives, snatched mobile phones, and stolen laptops? There are a number of human-centric risks and the consequences in our fractious times can be unpleasant.

Stephen E Arnold, July 23, 2020

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta