Sunday, December 3, 2023

Employees Actively Seeking Ways to Bypass Corporate Security Protocols in 95 % of Enterprises

Nowadays cyber incidents activities such as data theft, insider threat, malware attack most are significant security risks and some it caused by the employees of the company both intentionally or unknowingly, also around 95% of threat and Activities with access to corporate endpoints, data, and applications.

Many of the security testings among the most alarming discoveries was that 95 percent of assessments revealed employees were actively researching, installing or executing security or vulnerability testing tools in attempts to bypass corporate security.

They are using anonymity tools like  Tor,VPNs frequently to hide who is Trying to breaking corporate security.

Christy Wyatt, CEO at Dtex Systems said, “Some of the year’s largest reported breaches are a direct result of malicious insiders or insider negligence.

People are the weakest security link

Last year survey reported by Dtex Systems said, 60 percent of all attacks are carried out by insiders. 68 percent of all insider breaches are due to negligence, 22 percent are from malicious insiders and 10 percent are related to credential theft.

Also, the current trend shows that the first and last two weeks of employment for employees are critical as 56 percent of organizations saw potential data theft from leaving or joining employees during those times.

Increased use of cloud services puts data at risk

64 percent of enterprises assessed found corporate information on the web that was publicly accessible, due in part to the increase in cloud applications and services.

To make matters worse, 87 percent of employees were using personal, web-based email on company devices. By completely removing data and activity from the control of corporate security teams, insiders are giving attackers direct access to corporate assets.

Inappropriate internet usage is driving risk

59 percent of organizations analyzed experienced instances of employees accessing pornographic websites during the work day.

43 percent had users who were engaged in online gambling activities over corporate networks, which included playing the lottery and using Bitcoin to bet on sporting events.

This type of user behavior is indicative of overall negligence and high-risk activities taking place.

Dtex Systems analyzed and prepared these risk assessments from 60 enterprises across North America, Europe and Asia with the industries like IT, Finance, Public Sector, Manufacturing, Pharmaceuticals, and Media & Entertainment.

Also Read

Website

Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles