Survey: Biggest insider threats are ordinary employees
A survey of more than 1,000 UK residents indicates that insider threats to companies are mainly comprised of normal, mainstream employees.
Most strikingly, the survey found that 70 percent of respondents had clear plans to take something with them upon actually leaving their job, according to the research by data security firm Imperva.
The most popular data is intellectual property (27 percent) and customer records (17 percent). Moreover, about half of respondents claimed to have personal ownership of the data — 59 percent in the case that they were about to change jobs, and 53 percent if they knew they were about to be dismissed.
"This survey refutes the conventional wisdom that insiders are corporate spies or revenge-seeking employees," explained Imperva CTO Amichai Shulman. "It seems most employees have no deliberate intention to cause the company any damage. Rather, this survey indicates that most individuals leaving their jobs suddenly believe that they had rightful ownership to that data just by virtue of their corporate tenure."
The survey highlights include:
— 70 percent of respondents had clear plans to take something with them upon actually leaving. Ironically, 66 percent of respondents would not deliberately take out employer's data upon rumours of dismissal.
— 79 percent of the surveyed individuals responded that either their organisation does not have, or is unaware of, any policy to remove collected data from employees' laptops upon departure.
— Most respondents (72 percent) have admitted to taking out corporate data. This data is evenly distributed between customer records, HR records and marketing material.
— More than half of the respondents claimed to have personal ownership of the data.
— Some considered data they had taken to be helpful in their next role. The vast majority (85 percent) carry corporate data in their home computers or mobile devices.
The survey shows that employees tend to extract information which is beyond their need to know and enterprises have practically no controls in place to prevent excessive privilege access.
