10 Facts About Insider Risk That You Must See
As long as a company employs people, that company will have some level of insider risk. Insider risk is the chance that you have of something going wrong with your security because of the actions of a person, whether that employee means to cause harm or not. From malicious acts to mistakes, every business carries insider risk. It’s not something that can be eliminated, but it is something that can be mitigated.
AI is the secret weapon you’re looking for to boost business email security. SEE WHY>>
What is Insider Risk?
Insider risk is an important factor to consider when building a phishing defense. Employees are a company’s last line of defense against phishing, and unfortunately, they fail at it frequently. The actions that employees take when handling email can have devastating consequences for their employers. These facts can help you get a grip on insider risk and how it may impact your organization.
- 1 in 3 employees are likely to click the links in phishing emails.
- More than 60% of cyberattacks are attributed to insiders
- More than 2 out of 3 insider threat incidents are caused by negligence
- Negligent employees create over 60% of security incidents
- More than 80% of data breaches involve a human element
- About 60% of organizations say insider incidents have become more frequent
- Over 65% of accidental insider threats come from phishing attacks
- One in four employees (25%) said they have clicked on a phishing email at work
- Nearly 45% of respondents cited distraction as the top reason for falling for a phishing scam
- Around 50% of employees are sure that they have made an error that led to a security incident
Learn the secret to ransomware defense in Cracking the RANSOMWARE Code. GET BOOK>>
How Could It Impact My Company?
The actions of an employee can make or break their company’s security plan. Sometimes, disgruntled employees are out to harm their employers. But most of the time, insider risk comes from well-meaning but human employees who make mistakes. These are the most common mistakes that employees make and why they make them.
Opening a phishing email
Phishing risk varies by industry. Many factors can impact the calculus for exactly how likely an employee is to fall prey to a phishing attack. Throughout the last few years, we’ve seen how cyberattack risk shifts in industries based on factors like public need, production pressure and profitability of their data. The proliferation of brand impersonation and the rise of social media phishing have sent phishing risk skyrocketing, and with it, insider risk. An estimated 74% of respondents in a business survey admitted that their companies had been successfully phished in the last year.
Downloading a dodgy attachment
Employees will frequently come into contact with shady attachments. These are incredibly dangerous for businesses, especially since they’re potential vectors for ransomware and malware. About 48% of malicious email attachments are Office files. Microsoft Office formats like Word, PowerPoint and Excel are popular file extensions for cybercriminals to use when transmitting malware via email, accounting for 38% of phishing attacks. The next most popular delivery method: archived files such as .zip and .jar, which account for about 37% of malicious transmissions.
Sending someone the wrong file
Employees are bound to make mistakes, and when it comes to date handling that can be disastrous. Misdelivery was cited as the number four cause of a data breach in Verizon’s 2021 Data Breach Investigations report, down from number 3 in 2020. It is responsible for around 30% of data breaches. That misdelivery could be from an internal transfer like sending a file to someone in the organization who isn’t authorized to view it or from a misdelivery outside of the organization, like sending sensitive information to the wrong clients in an email distribution list.
The road to security success begins with 5 Steps to Ransomware Readiness! GET IT>>
What Are the Two Types of Insider Risk?
Every business is faced with two categories of insider risk to mitigate.
Malicious Insiders
This is the risk to a company that comes from employees who intend to do harm to their employer deliberately. Malicious insiders cause massive damage quickly by taking harmful actions like stealing company secrets, selling access to a company’s network or deploying ransomware.
How Does an Employee Become a Malicious Insider?
No one ever wants to believe that someone on their team is there to do more harm than good. However malicious insider actions are responsible for an estimated 25% of confirmed data breaches. Determining their motivations can shed light on why an employee might become a malicious insider.
The Top 3 Motivations for Malicious Insiders
- An estimated 70% of malicious insider breaches are financially motivated, chiefly through employees selling credentials or access to systems and data on the dark web.
- A scary 25% of malicious insider incidents are motivated by espionage or theft of intellectual property, like selling formulas, stealing sensitive data or disclosing company secrets.
- Around 4% of malicious insider incidents are caused by angry employees who want to damage the company. They sometimes choose to do that by deploying ransomware or deleting data.
Source: 2021 Verizon Data Breach Investigations Report
The Top 3 Departments for Malicious Insiders to Target
- Finance (41%),
- Customer Success (35%)
- Research and Development (33%)
Source: Swiss Cybersecurity Forum
The Top 6 Malicious Insider Actions
- 62% exfiltrating data
- 19% privilege misuse
- 9.5% data aggregation/snooping
- 5.1% infrastructure sabotage
- 3.8% circumvention of IT controls
- 0.6% account sharing
Source: Statista
AI is the secret weapon you’re looking for to boost business email security. SEE WHY>>
Accidental/Non-Malicious Insiders
These are regular, everyday employees who are just doing their jobs but make mistakes. These employees aren’t malicious, just uneducated about security or careless. Unfortunately, negligence and errors can be just as devastating to an organization’s security as intentional sabotage, especially when it comes to handling email.
How Do Employee Actions Generate Risk?
Just one employee clicking on one phishing message could unleash these cybersecurity disasters:
- Ransomware
- Malware
- Business Email Compromise
- Account Takeover
- Data Breach
- Compliance Failure
How to Spot a Non-Malicious Insider Threat
These employee behaviors make it more likely that you’ll have an accidental insider threat turn into a damaging cybersecurity incident.
- Sharing passwords, especially privileged passwords
- Reusing, recycling, never changing or writing down passwords
- Careless data handling like frequently sending sensitive data to the wrong recipient
- Fear of asking for help or clarification around possible threats like phishing
- Threats of termination if an employee makes a mistake
- Lack of support in enforcing security protocols
- Ignorance of common threats due to lack of security awareness
- Too little training in proper security protocols
- Time pressures that up the chance for a mistake
- No security culture within an organization
Still relying on an old-fashioned SEG? See why Graphus is better! SEE THE COMPARISON>>
Don’t Let Employee Mistakes with Phishing Sink Your Company
Employees can’t click on an email that they don’t get. That’s the biggest reason why automated phishing protection with Graphus is a smart move for every business. Our patented algorithm uses predictive reasoning and pattern recognition to create trusted email profiles based on your staff’s email traffic patterns. TrustGraph compares incoming communications to these profiles to detect and prevent sophisticated phishing attacks.
TrustGraph doesn’t just check a message against a safe sender list though. It analyzes the content of messages too, using over 50 different attributes of your employees’ communications learns to spot and stop suspicious messages before they land in anyone’s inbox. Plus, it never stops improving your protection. Machine learning ensures that Graphus learns from every interaction, tailoring your company’s protection to meet its unique needs.