Most (95%) cybersecurity incidents were caused by human error last year, the World Economic Forum calculated. Such incidents appear to be spiraling, with the annual cost of cybercrime predicted to reach $8 trillion this year, according to Cybersecurity Ventures. If that wasn’t alarming enough, experts warn that bad actors within organizations are a growing security risk.
Some employees, manipulated and compromised through “social engineering,” might not even realize they are aiding and abetting criminals. Similarly, employers might not know they have been attacked, until it’s too late.
Worse, all too often, businesses — which are, in the post-pandemic era, being urged to provide greater autonomy to and trust in employees — are blindsided by this so-called “insider threat.”
In a nutshell, an insider threat refers to someone who steals data or breaks the internal systems of the organization they work for, for their own purposes. For example, in 2017, an administrator working for Dutch hosting provider Verelox, deleted all customer data and wiped most of the company’s servers.
The full version of this article was first published on Digiday’s future-of-work platform, WorkLife, in January 2023 – to read the complete piece, please click HERE.