Report: Employees Cause 46% of Cybersecurity Incidents

Business leaders are worried that their employees are letting cybersecurity threats into their networks and systems, and users are covering up their tracks and not reporting intrusions, according to a survey commissioned by Kaspersky Lab. 

The survey, “Human Factor in IT Security: How Employees are Making Businesses Vulnerable from Within,” which was conducted by market research firm B2B International and released Monday, found that, after malware, careless or uninformed staff members are the most likely cause of a cybersecurity breach. According to the report, in 46 percent of cybersecurity incidents in the last year, careless or uninformed staff have contributed to the attack. 

According to the survey of 5,000 businesses around the globe, 52 percent of respondents believe they are at risk from within. Further, at very small businesses, 48 percent of companies with one to 49 employees say they feel unprotected from inappropriate IT use by employees. The number falls to 46 percent for companies with 50 to 99 employees and 39 percent for firms with 1,000 or more employees. 

To make matters worse, the survey notes that employees hide IT security incidents in 40 percent of businesses across the globe to avoid punishment. According to the report, this issue is worse at larger companies. Fully 45 of enterprises (over 1,000 employees) experience employees hiding cybersecurity incidents, with 42 percent of small and medium-sized companies (50 to 999 employees), reporting the same. Yet only 29 percent of very small businesses (under 49 employees) reported this issue.